ID

VAR-201810-1465


CVE

CVE-2018-0063


TITLE

Juniper Networks Junos OS vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-013610

DESCRIPTION

A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces (IRIs) next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existing entries cannot be cleared, leading to a sustained denial of service (DoS) condition. An indicator of compromise for this issue is the report of the following error message:

%KERN-4: Nexthop index allocation failed: private index space exhausted

This issue only affects the management interface, and does not impact regular transit traffic through the FPCs. This issue also only affects Junos OS 17.3R3. No prior versions of Junos OS are affected by this issue. Affected releases are Juniper Networks Junos OS: 17.3R3.

Juniper Networks Junos OS contains a resource exhaustion vulnerability. The device may be put into a service interruption (DoS) state.

The operating system provides a secure programming interface and the Junos SDK. The IP next-hop index database is one of the index database components. An attacker can exploit this vulnerability to cause a denial of service by sending a large number of ARP requests to the management interface.

Trust: 1.71

sources: NVD: CVE-2018-0063 // JVNDB: JVNDB-2018-013610 // VULHUB: VHN-118265

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 17.3

Trust: 1.0

vendor: juniper, model: junos os, scope: eq, version: 17.3r3

Trust: 0.8

vendor: juniper, model: junos, scope: eq, version: 17.3r3

Trust: 0.6

sources: JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0063
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2018-0063
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0063
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-531
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118265
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-0063
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118265
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sirt@juniper.net: CVE-2018-0063
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2018-0063
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063 // NVD: CVE-2018-0063

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // NVD: CVE-2018-0063

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201810-531

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-531

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013610

PATCH

title: JSA10899, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10899&actp=METADATA

Trust: 0.8

title: Juniper Junos OS IP next-hop index Database security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86117

Trust: 0.6

sources: JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531

EXTERNAL IDS

db: NVD, id: CVE-2018-0063

Trust: 2.5

db: SECTRACK, id: 1041861

Trust: 1.7

db: JUNIPER, id: JSA10899

Trust: 1.7

db: JVNDB, id: JVNDB-2018-013610

Trust: 0.8

db: CNNVD, id: CNNVD-201810-531

Trust: 0.7

db: VULHUB, id: VHN-118265

Trust: 0.1

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

REFERENCES

url:https://kb.juniper.net/jsa10899

Trust: 1.7

url:http://www.securitytracker.com/id/1041861

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0063

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0063

Trust: 0.8

sources: VULHUB: VHN-118265 // JVNDB: JVNDB-2018-013610 // CNNVD: CNNVD-201810-531 // NVD: CVE-2018-0063

SOURCES

db: VULHUB, id: VHN-118265
db: JVNDB, id: JVNDB-2018-013610
db: CNNVD, id: CNNVD-201810-531
db: NVD, id: CVE-2018-0063

LAST UPDATE DATE

2024-08-14T14:45:32.517000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-118265, date: 2021-11-06T00:00:00
db: JVNDB, id: JVNDB-2018-013610, date: 2019-02-26T00:00:00
db: CNNVD, id: CNNVD-201810-531, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2018-0063, date: 2021-11-06T03:35:42.927

SOURCES RELEASE DATE

db: VULHUB, id: VHN-118265, date: 2018-10-10T00:00:00
db: JVNDB, id: JVNDB-2018-013610, date: 2019-02-26T00:00:00
db: CNNVD, id: CNNVD-201810-531, date: 2018-10-11T00:00:00
db: NVD, id: CVE-2018-0063, date: 2018-10-10T18:29:03.703