CVE-2019-0075
Last modified
CVE-2019-0075 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. EPSS estimates a 1.31% chance of exploitation in the next 30 days.
Description
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.3x48 |
| Juniper | Junos | 15.1x49 |
| Juniper | Junos | 17.3 |
| Juniper | Junos | 17.4 |
| Juniper | Junos | 18.1 |
| Juniper | Junos | 18.2 |
| Juniper | Junos | 18.3 |
References
- https://kb.juniper.net/JSA10976Vendor Advisory
- https://kb.juniper.net/JSA10976Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-0075?
How severe is CVE-2019-0075?
How do I fix CVE-2019-0075?
Are you affected by CVE-2019-0075?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST