ID

VAR-201801-1072


CVE

CVE-2018-0004


TITLE

Juniper Networks Junos OS vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-001509

DESCRIPTION

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and conversely one or more running processes running on the system. Once this occurs, the high CPU event(s) affect either or both the forwarding and control plane. As a result of this condition the device can become inaccessible in either or both the control and forwarding plane and stops forwarding traffic until the device is rebooted. The issue will reoccur after reboot upon receiving further transit traffic.

Score: 5.7 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

For network designs utilizing layer 3 forwarding agents or other ARP through layer 3 technologies, the score is slightly higher.

Score: 6.5 MEDIUM (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

If the following entry exists in the RE message logs then this may indicate the issue is present. This entry may or may not appear when this issue occurs.

/kernel: Expensive timeout(9) function:

Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D50; 12.3X48 versions prior to 12.3X48-D30; 12.3R versions prior to 12.3R12-S7; 14.1 versions prior to 14.1R8-S4, 14.1R9; 14.1X53 versions prior to 14.1X53-D30, 14.1X53-D34; 14.2 versions prior to 14.2R8; 15.1 versions prior to 15.1F6, 15.1R3; 15.1X49 versions prior to 15.1X49-D40; 15.1X53 versions prior to 15.1X53-D31, 15.1X53-D33, 15.1X53-D60. No other Juniper Networks products or platforms are affected by this issue.

Juniper Networks Junos OS contains a resource exhaustion vulnerability. Service operation may be interrupted (DoS).

Juniper Junos is prone to a denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU consumption. The operating system provides a secure programming interface and Junos SDK. A denial of service vulnerability exists in Juniper Junos OS.

Trust: 1.98

sources: NVD: CVE-2018-0004 // JVNDB: JVNDB-2018-001509 // BID: 104713 // VULHUB: VHN-118206

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.2

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:14.1x53

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:14.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:12.3

Trust: 1.0

vendor:junipermodel:junos osscope:eqversion:15.1x53-d60

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3x48

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1r8-s4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1r3

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1x53-d34

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.2

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3x48-d30

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.2r8

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.1x53

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1x49-d40

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3r12-s7

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1x53-d30

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x46

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1x53-d33

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3r

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x46-d50

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1x49

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1x53

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1r9

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1f6

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1x53-d31

Trust: 0.8

vendor:junipermodel:junos os 12.3r12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f5-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f5-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f5-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f5-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f4-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s19scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s18scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s14scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7-s9scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r6.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r4-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r4-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r3-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r2.8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d28scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d18scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d122scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r8-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12.4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r11scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r10.2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r1.8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d46scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d37scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d36scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos d25scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d20scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d15scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d10scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos os 12.3r12-s7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d60scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d31scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d40scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.2r8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d34scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d30scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1r9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1r8-s4scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d30scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d50scope:neversion: -

Trust: 0.3

sources: BID: 104713 // JVNDB: JVNDB-2018-001509 // CNNVD: CNNVD-201711-864 // NVD: CVE-2018-0004

CVSS

SEVERITY

nvd@nist.gov: CVE-2018-0004
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2018-0004
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0004
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201711-864
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118206
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2018-0004
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118206
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2018-0004
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-118206 // JVNDB: JVNDB-2018-001509 // CNNVD: CNNVD-201711-864 // NVD: CVE-2018-0004 // NVD: CVE-2018-0004

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-118206 // JVNDB: JVNDB-2018-001509 // NVD: CVE-2018-0004

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-864

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201711-864

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-001509

PATCH

title:JSA10832 url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10832&actp=METADATA

Trust: 0.8

title:Juniper Junos OS Security vulnerabilities url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100220

Trust: 0.6

sources: JVNDB: JVNDB-2018-001509 // CNNVD: CNNVD-201711-864

EXTERNAL IDS

db:NVDid:CVE-2018-0004

Trust: 2.8

db:JUNIPERid:JSA10832

Trust: 2.0

db:SECTRACKid:1040183

Trust: 1.7

db:JVNDBid:JVNDB-2018-001509

Trust: 0.8

db:CNNVDid:CNNVD-201711-864

Trust: 0.7

db:BIDid:104713

Trust: 0.4

db:VULHUBid:VHN-118206

Trust: 0.1

sources: VULHUB: VHN-118206 // BID: 104713 // JVNDB: JVNDB-2018-001509 // CNNVD: CNNVD-201711-864 // NVD: CVE-2018-0004

REFERENCES

url:https://kb.juniper.net/jsa10832

Trust: 1.7

url:http://www.securitytracker.com/id/1040183

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0004

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0004

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/us/en/products-services/nos/junos/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10832

Trust: 0.3

sources: VULHUB: VHN-118206 // BID: 104713 // JVNDB: JVNDB-2018-001509 // CNNVD: CNNVD-201711-864 // NVD: CVE-2018-0004

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104713

SOURCES

db:VULHUBid:VHN-118206
db:BIDid:104713
db:JVNDBid:JVNDB-2018-001509
db:CNNVDid:CNNVD-201711-864
db:NVDid:CVE-2018-0004

LAST UPDATE DATE

2024-08-14T14:39:32.900000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-118206date:2019-10-09T00:00:00
db:BIDid:104713date:2018-01-10T00:00:00
db:JVNDBid:JVNDB-2018-001509date:2018-02-22T00:00:00
db:CNNVDid:CNNVD-201711-864date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0004date:2019-10-09T23:30:55.987

SOURCES RELEASE DATE

db:VULHUBid:VHN-118206date:2018-01-10T00:00:00
db:BIDid:104713date:2018-01-10T00:00:00
db:JVNDBid:JVNDB-2018-001509date:2018-02-22T00:00:00
db:CNNVDid:CNNVD-201711-864date:2017-11-21T00:00:00
db:NVDid:CVE-2018-0004date:2018-01-10T22:29:01.057