CVE-2019-0044
HIGHJuniper Junos - Denial of Service via Crafted Packet to fxp0 Interface
Title source: llmDescription
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10936
Broken Link vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107872
Scores
CVSS v3
7.5
EPSS
0.0060
EPSS Percentile
69.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-404
Status
published
Products (3)
juniper/junos
12.3x48 (16 CPE variants)
juniper/junos
12.1x46 (17 CPE variants)
juniper/junos
15.1x49 d10 (17 CPE variants)
Published
Apr 10, 2019
Tracked Since
Feb 18, 2026