Strix
26.1K

CVE-2018-0006

UnknownEPSS 0.67%

Last modified

CVE-2018-0006 is a vulnerability of currently unknown severity. A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. EPSS estimates a 0.67% chance of exploitation in the next 30 days.

Description

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. This issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R6-S2, 15.1R7; 16.1 versions prior to 16.1R5-S1, 16.1R6; 16.2 versions prior to 16.2R2-S2, 16.2R3; 17.1 versions prior to 17.1R2-S5, 17.1R3; 17.2 versions prior to 17.2R2.

Metrics

EPSS Probability
0.67%

47.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
JuniperJunos15.1
JuniperJunos16.1
JuniperJunos16.2R1
JuniperJunos17.1R1
JuniperJunos17.2R1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-0006?
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. This issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R6-S2, 15.1R7; 16.1 versions prior to 16.1R5-S1, 16.1R6; 16.2 versions prior to 16.2R2-S2, 16.2R3; 17.1 versions prior to 17.1R2-S5, 17.1R3; 17.2 versions prior to 17.2R2.
How severe is CVE-2018-0006?
Severity scoring for CVE-2018-0006 is pending analysis. The EPSS model estimates a 0.67% probability of exploitation in the next 30 days.
How do I fix CVE-2018-0006?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-0006?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST