CVE-2019-0011
MEDIUMJunos OS 17.2-18.1R2 DoS via OOB Management Interface Packet
Title source: llmDescription
The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10911
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106534
Scores
CVSS v3
6.5
EPSS
0.0019
EPSS Percentile
41.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (5)
juniper/junos
17.2 (8 CPE variants)
juniper/junos
17.3 (6 CPE variants)
juniper/junos
17.4 (5 CPE variants)
juniper/junos
17.2x75 (7 CPE variants)
juniper/junos
18.1
Published
Jan 15, 2019
Tracked Since
Feb 18, 2026