ID

VAR-201901-1609


CVE

CVE-2019-0013


TITLE

Juniper Networks Junos OS Data processing vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001328

DESCRIPTION

The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2. Juniper Networks Junos OS Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the RPD to crash, effectively denying service to legitimate users. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. The following releases are affected: Juniper Junos OS Release 12.1X46, Release 12.3X48, Release 15.1, Release 15.1X49, Release 15.1X53, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.3, Release 17.4

Trust: 1.98

sources: NVD: CVE-2019-0013 // JVNDB: JVNDB-2019-001328 // BID: 106519 // VULHUB: VHN-140044

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.3

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

vendor:junipermodel:junos 17.4r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d58scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d57scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d49scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d48scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d47scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d33scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d31scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d232scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d231scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d230scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d105scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d140scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d131scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d130scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d120scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d110scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d100scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s9scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d75scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d66scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d76scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d72scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d71scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d67scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d66scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d65scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d46scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d37scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d36scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.3r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2-s4scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2-s3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d59scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d233scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d150scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s10scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d77scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d77scope:neversion: -

Trust: 0.3

sources: BID: 106519 // JVNDB: JVNDB-2019-001328 // NVD: CVE-2019-0013

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0013
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2019-0013
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-0013
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201901-373
value: HIGH

Trust: 0.6

VULHUB: VHN-140044
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-0013
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-140044
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-0013
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sirt@juniper.net: CVE-2019-0013
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-140044 // JVNDB: JVNDB-2019-001328 // CNNVD: CNNVD-201901-373 // NVD: CVE-2019-0013 // NVD: CVE-2019-0013

PROBLEMTYPE DATA

problemtype:CWE-19

Trust: 1.9

sources: VULHUB: VHN-140044 // JVNDB: JVNDB-2019-001328 // NVD: CVE-2019-0013

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-373

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201901-373

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001328

PATCH

title:JSA10913url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10913&actp=METADATA

Trust: 0.8

title:Juniper Junos OS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88526

Trust: 0.6

sources: JVNDB: JVNDB-2019-001328 // CNNVD: CNNVD-201901-373

EXTERNAL IDS

db:NVDid:CVE-2019-0013

Trust: 2.8

db:BIDid:106519

Trust: 2.0

db:JUNIPERid:JSA10913

Trust: 2.0

db:JVNDBid:JVNDB-2019-001328

Trust: 0.8

db:CNNVDid:CNNVD-201901-373

Trust: 0.7

db:VULHUBid:VHN-140044

Trust: 0.1

sources: VULHUB: VHN-140044 // BID: 106519 // JVNDB: JVNDB-2019-001328 // CNNVD: CNNVD-201901-373 // NVD: CVE-2019-0013

REFERENCES

url:http://www.securityfocus.com/bid/106519

Trust: 2.3

url:https://kb.juniper.net/jsa10913

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0013

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-0013

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/us/en/products-services/nos/junos/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10913&cat=sirt_1&actp=list

Trust: 0.3

sources: VULHUB: VHN-140044 // BID: 106519 // JVNDB: JVNDB-2019-001328 // CNNVD: CNNVD-201901-373 // NVD: CVE-2019-0013

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 106519

SOURCES

db:VULHUBid:VHN-140044
db:BIDid:106519
db:JVNDBid:JVNDB-2019-001328
db:CNNVDid:CNNVD-201901-373
db:NVDid:CVE-2019-0013

LAST UPDATE DATE

2024-08-14T14:51:17.729000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-140044date:2019-10-09T00:00:00
db:BIDid:106519date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001328date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201901-373date:2019-10-17T00:00:00
db:NVDid:CVE-2019-0013date:2019-10-09T23:43:30.193

SOURCES RELEASE DATE

db:VULHUBid:VHN-140044date:2019-01-15T00:00:00
db:BIDid:106519date:2019-01-09T00:00:00
db:JVNDBid:JVNDB-2019-001328date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201901-373date:2019-01-11T00:00:00
db:NVDid:CVE-2019-0013date:2019-01-15T21:29:01.337