CVE-2019-0068
Last modified
CVE-2019-0068 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. EPSS estimates a 1.31% chance of exploitation in the next 30 days.
Description
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | 12.3x48 | D10 |
| Juniper | Junos | 15.1x49 | D10 |
| Juniper | Junos | 17.3 | — |
| Juniper | Junos | 17.4 | — |
| Juniper | Junos | 18.1 | — |
| Juniper | Junos | 18.2 | — |
| Juniper | Junos | 18.3 | — |
| Juniper | Junos | 18.4 | — |
| Juniper | Junos | 19.1 | — |
References
- https://kb.juniper.net/JSA10968Vendor Advisory
- https://kb.juniper.net/JSA10968Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-0068?
How severe is CVE-2019-0068?
How do I fix CVE-2019-0068?
Are you affected by CVE-2019-0068?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST