Details of VAR-201810-1465

ID

VAR-201810-1465

CVE

CVE-2018-0063

TITLE

Juniper Networks Junos OS Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-013610

DESCRIPTION

A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces (IRIs) next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existing entries cannot be cleared, leading to a sustained denial of service (DoS) condition. An indicator of compromise for this issue is the report of the following error message: %KERN-4: Nexthop index allocation failed: private index space exhausted This issue only affects the management interface, and does not impact regular transit traffic through the FPCs. This issue also only affects Junos OS 17.3R3. No prior versions of Junos OS are affected by this issue. Affected releases are Juniper Networks Junos OS: 17.3R3. Juniper Networks Junos OS Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The operating system provides a secure programming interface and Junos SDK. IP next-hop index database is one of the index database components. An attacker can exploit this vulnerability to cause a denial of service by sending a large number of ARP requests to the management interface

Trust: 1.71

sources: NVD: CVE-2018-0063 // JVNDB: JVNDB-2018-013610 // VULHUB: VHN-118265

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos os	scope:	eq	version:	17.3r3	Trust: 0.8
vendor:	juniper	model:	junos	scope:	eq	version:	17.3r3	Trust: 0.6

sources: JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0063
value:	MEDIUM
Trust: 1.0
sirt@juniper.net:	CVE-2018-0063
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0063
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201810-531
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-118265
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2018-0063
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-118265
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sirt@juniper.net:	CVE-2018-0063
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2018-0063
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063 // NVD: CVE-2018-0063

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // NVD: CVE-2018-0063

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201810-531

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-531

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013610

PATCH

title:	JSA10899	url:	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10899&actp=METADATA	Trust: 0.8
title:	Juniper Junos OS IP next-hop index Database security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86117	Trust: 0.6

sources: JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0063	Trust: 2.5
db:	SECTRACK	id:	1041861	Trust: 1.7
db:	JUNIPER	id:	JSA10899	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-013610	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-531	Trust: 0.7
db:	VULHUB	id:	VHN-118265	Trust: 0.1

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

REFERENCES

url:	https://kb.juniper.net/jsa10899	Trust: 1.7
url:	http://www.securitytracker.com/id/1041861	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0063	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0063	Trust: 0.8

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

SOURCES

db:	VULHUB	id:	VHN-118265
db:	JVNDB	id:	JVNDB-2018-013610
db:	CNNVD	id:	CNNVD-201810-531
db:	NVD	id:	CVE-2018-0063

LAST UPDATE DATE

2024-08-14T14:45:32.517000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118265	date:	2021-11-06T00:00:00
db:	JVNDB	id:	JVNDB-2018-013610	date:	2019-02-26T00:00:00
db:	CNNVD	id:	CNNVD-201810-531	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0063	date:	2021-11-06T03:35:42.927

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118265	date:	2018-10-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-013610	date:	2019-02-26T00:00:00
db:	CNNVD	id:	CNNVD-201810-531	date:	2018-10-11T00:00:00
db:	NVD	id:	CVE-2018-0063	date:	2018-10-10T18:29:03.703