ID

VAR-201804-0661


CVE

CVE-2018-0022


TITLE

Juniper Networks Junos OS Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-004217

DESCRIPTION

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform: > show system buffers 2437/3143/5580 mbufs in use (current/cache/total) Once the device runs out of mbufs it will become inaccessible and a restart will be required. This issue only affects end devices, transit devices are not affected. Affected releases are Juniper Networks Junos OS with VPLS configured running: 12.1X46 versions prior to 12.1X46-D76; 12.3X48 versions prior to 12.3X48-D66, 12.3X48-D70; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D47; 14.2 versions prior to 14.2R8; 15.1 versions prior to 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7; 15.1X49 versions prior to 15.1X49-D131, 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 15.1X53 versions prior to 15.1X53-D66 on QFX10; 16.1 versions prior to 16.1R3-S8, 16.1R4-S6, 16.1R5; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R1-S5, 17.2R2. Juniper Networks Junos OS Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. A remote attacker could exploit this vulnerability to cause a denial of service (resource exhaustion) by sending specially crafted MPLS packets to the interface of the target device when the device is configured with a VPLS routing process. The following releases are affected: Juniper Junos OS Release 12.1X46, Release 12.3X48, Release 14.1, Release 14.1X53, Release 14.2, Release 15.1, Release 15.1X49, Release 15.1X53, Release 16.1, Release 16.2, Release 17.1, Release 17.2

Trust: 1.98

sources: NVD: CVE-2018-0022 // JVNDB: JVNDB-2018-004217 // BID: 103740 // VULHUB: VHN-118224

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.9

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:14.1x53

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:14.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.0

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

vendor:junipermodel:junos 17.2r1-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d57scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d48scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d47scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d80scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d100scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s18scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s14scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d44scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d42scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d30.3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d28scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d18scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d122scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d71scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d67scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d66scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d65scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d46scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d37scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d36scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1-s5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1-s7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d66scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d58scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d471scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d233scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d140scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d131scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s4scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5-s7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s10scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1f2-s19scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.2r8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d47scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1r9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d70scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d66scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d76scope:neversion: -

Trust: 0.3

sources: BID: 103740 // JVNDB: JVNDB-2018-004217 // CNNVD: CNNVD-201804-513 // NVD: CVE-2018-0022

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0022
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2018-0022
value: HIGH

Trust: 1.0

NVD: CVE-2018-0022
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201804-513
value: HIGH

Trust: 0.6

VULHUB: VHN-118224
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0022
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118224
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0022
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-118224 // JVNDB: JVNDB-2018-004217 // CNNVD: CNNVD-201804-513 // NVD: CVE-2018-0022 // NVD: CVE-2018-0022

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-118224 // JVNDB: JVNDB-2018-004217 // NVD: CVE-2018-0022

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-513

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201804-513

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004217

PATCH

title:JSA10855url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10855&actp=METADATA

Trust: 0.8

title:Juniper Junos OS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83279

Trust: 0.6

sources: JVNDB: JVNDB-2018-004217 // CNNVD: CNNVD-201804-513

EXTERNAL IDS

db:NVDid:CVE-2018-0022

Trust: 2.8

db:JUNIPERid:JSA10855

Trust: 2.0

db:BIDid:103740

Trust: 2.0

db:SECTRACKid:1040790

Trust: 1.7

db:JVNDBid:JVNDB-2018-004217

Trust: 0.8

db:CNNVDid:CNNVD-201804-513

Trust: 0.6

db:VULHUBid:VHN-118224

Trust: 0.1

sources: VULHUB: VHN-118224 // BID: 103740 // JVNDB: JVNDB-2018-004217 // CNNVD: CNNVD-201804-513 // NVD: CVE-2018-0022

REFERENCES

url:http://www.securityfocus.com/bid/103740

Trust: 1.7

url:https://kb.juniper.net/jsa10855

Trust: 1.7

url:http://www.securitytracker.com/id/1040790

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0022

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0022

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/us/en/products-services/nos/junos/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10855&cat=sirt_1&actp=list

Trust: 0.3

sources: VULHUB: VHN-118224 // BID: 103740 // JVNDB: JVNDB-2018-004217 // CNNVD: CNNVD-201804-513 // NVD: CVE-2018-0022

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 103740

SOURCES

db:VULHUBid:VHN-118224
db:BIDid:103740
db:JVNDBid:JVNDB-2018-004217
db:CNNVDid:CNNVD-201804-513
db:NVDid:CVE-2018-0022

LAST UPDATE DATE

2024-08-14T14:20:03.860000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-118224date:2019-10-09T00:00:00
db:BIDid:103740date:2018-04-11T00:00:00
db:JVNDBid:JVNDB-2018-004217date:2018-06-14T00:00:00
db:CNNVDid:CNNVD-201804-513date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0022date:2019-10-09T23:30:59.957

SOURCES RELEASE DATE

db:VULHUBid:VHN-118224date:2018-04-11T00:00:00
db:BIDid:103740date:2018-04-11T00:00:00
db:JVNDBid:JVNDB-2018-004217date:2018-06-14T00:00:00
db:CNNVDid:CNNVD-201804-513date:2018-04-11T00:00:00
db:NVDid:CVE-2018-0022date:2018-04-11T19:29:00.650