CVE-2019-0051
CVE-2019-0051 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation, which remote SSL/TLS servers can exploit to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial-of-service condition. EPSS estimates a 1.06% chance of exploitation in the next 30 days.
Description
The SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation, which remote SSL/TLS servers can exploit to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial-of-service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server.

This issue affects Juniper Networks Junos OS on SRX5000 Series:
- 12.3X48 versions prior to 12.3X48-D85;
- 15.1X49 versions prior to 15.1X49-D180;
- 17.3 versions prior to 17.3R3-S7;
- 17.4 versions prior to 17.4R2-S6, 17.4R3;
- 18.1 versions prior to 18.1R3-S8;
- 18.2 versions prior to 18.2R3;
- 18.3 versions prior to 18.3R2;
- 18.4 versions prior to 18.4R2;
- 19.1 versions prior to 19.1R2.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.3x48 |
| Juniper | Junos | 15.1x49 |
| Juniper | Junos | 17.3 |
| Juniper | Junos | 17.4 |
| Juniper | Junos | 18.1 |
| Juniper | Junos | 18.2 |
| Juniper | Junos | 18.3 |
| Juniper | Junos | 18.4 |
| Juniper | Junos | 19.1 |
References
- https://kb.juniper.net/JSA10973 (Vendor Advisory)
Timeline
- Status: Modified
Source: NVD / NIST
