Details of VAR-201901-1601

ID

VAR-201901-1601

CVE

CVE-2019-0002

TITLE

Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001693

DESCRIPTION

On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affect both IPv4 and IPv6 firewall filter. Junos OS Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Juniper EX2300 and EX3400 series are switch products of Juniper Networks (Juniper Networks). Junos OS is a set of operating systems running on it. A security vulnerability exists in Junos OS Release 15.1X53, Release 18.1, and Release 18.2 on the Juniper EX2300 and EX3400 series. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

Trust: 1.98

sources: NVD: CVE-2019-0002 // JVNDB: JVNDB-2019-001693 // BID: 106669 // VULHUB: VHN-140033

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.3
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.3
vendor:	juniper	model:	junos	scope:	eq	version:	15.1x53	Trust: 1.3
vendor:	juniper	model:	junos os	scope:	-	version:	-	Trust: 0.8
vendor:	juniper	model:	junos 18.2r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d70	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d68	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d67	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d66	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d65	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d64	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d63	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d62	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d60	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d59	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d58	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d57	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d55	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d50	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d495	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d49	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d48	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d471	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d470	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d47	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d40	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d35	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d33	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d31	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d30	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d235	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d234	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d233	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d232	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d231	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d230	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d20	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d105	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r2	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 15.1x53-d590	scope:	ne	version:	-	Trust: 0.3

sources: BID: 106669 // JVNDB: JVNDB-2019-001693 // NVD: CVE-2019-0002

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-0002
value:	CRITICAL
Trust: 1.0
sirt@juniper.net:	CVE-2019-0002
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-0002
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201901-364
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-140033
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-0002
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-140033
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-0002
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
sirt@juniper.net:	CVE-2019-0002
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-0002
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-140033 // JVNDB: JVNDB-2019-001693 // CNNVD: CNNVD-201901-364 // NVD: CVE-2019-0002 // NVD: CVE-2019-0002

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-794	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-140033 // JVNDB: JVNDB-2019-001693 // NVD: CVE-2019-0002

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-364

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201901-364

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001693

PATCH

title:	show pfe filter hw summary	url:	https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/show-pfe-filter.html	Trust: 0.8
title:	JSA10901	url:	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10901&actp=METADATA	Trust: 0.8
title:	Juniper EX2300 and EX3400 series Junos OS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88537	Trust: 0.6

sources: JVNDB: JVNDB-2019-001693 // CNNVD: CNNVD-201901-364

EXTERNAL IDS

db:	NVD	id:	CVE-2019-0002	Trust: 2.8
db:	JUNIPER	id:	JSA10901	Trust: 2.0
db:	BID	id:	106669	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-001693	Trust: 0.8
db:	CNNVD	id:	CNNVD-201901-364	Trust: 0.7
db:	VULHUB	id:	VHN-140033	Trust: 0.1

sources: VULHUB: VHN-140033 // BID: 106669 // JVNDB: JVNDB-2019-001693 // CNNVD: CNNVD-201901-364 // NVD: CVE-2019-0002

REFERENCES

url:	http://www.securityfocus.com/bid/106669	Trust: 2.3
url:	https://kb.juniper.net/jsa10901	Trust: 1.7
url:	https://www.juniper.net/documentation/en_us/junos/topics/reference/command-summary/show-pfe-filter.html	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0002	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0002	Trust: 0.8
url:	http://www.juniper.net/	Trust: 0.3
url:	http://www.juniper.net/us/en/products-services/nos/junos/	Trust: 0.3
url:	https://kb.juniper.net/infocenter/index?page=content&id=jsa10901&cat=sirt_1&actp=list	Trust: 0.3

sources: VULHUB: VHN-140033 // BID: 106669 // JVNDB: JVNDB-2019-001693 // CNNVD: CNNVD-201901-364 // NVD: CVE-2019-0002

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 106669

SOURCES

db:	VULHUB	id:	VHN-140033
db:	BID	id:	106669
db:	JVNDB	id:	JVNDB-2019-001693
db:	CNNVD	id:	CNNVD-201901-364
db:	NVD	id:	CVE-2019-0002

LAST UPDATE DATE

2024-08-14T15:39:00.981000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-140033	date:	2020-07-22T00:00:00
db:	BID	id:	106669	date:	2019-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2019-001693	date:	2019-03-22T00:00:00
db:	CNNVD	id:	CNNVD-201901-364	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2019-0002	date:	2020-12-08T14:28:21.493

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-140033	date:	2019-01-15T00:00:00
db:	BID	id:	106669	date:	2019-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2019-001693	date:	2019-03-22T00:00:00
db:	CNNVD	id:	CNNVD-201901-364	date:	2019-01-11T00:00:00
db:	NVD	id:	CVE-2019-0002	date:	2019-01-15T21:29:00.823