ID

VAR-201907-1601


CVE

CVE-2019-0048


TITLE

Juniper Networks Junos OS Vulnerabilities related to security functions

Trust: 0.8

sources: JVNDB: JVNDB-2019-006594

DESCRIPTION

On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filter is applied on the loopback interface, other firewall filters might stop working for multicast traffic. The command 'show firewall filter' can be used to confirm whether the filter is working. This issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability.

This issue affects: Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D51, 14.1X53-D115 on EX4300 Series; 17.1 versions prior to 17.1R3 on EX4300 Series; 17.2 versions prior to 17.2R3-S2 on EX4300 Series; 17.3 versions prior to 17.3R3-S3 on EX4300 Series; 17.4 versions prior to 17.4R2-S5, 17.4R3 on EX4300 Series; 18.1 versions prior to 18.1R3-S1 on EX4300 Series; 18.2 versions prior to 18.2R2 on EX4300 Series; 18.3 versions prior to 18.3R2 on EX4300 Series.

Juniper Networks Junos OS contains vulnerabilities related to security features. Information may be tampered with. The operating system provides a secure programming interface and Junos SDK. The following products and versions are affected: Juniper Networks Junos OS Release 14.1X53, Release 17.1, Release 17.2, Release 17.3, Release 17.4, Release 18.1, Release 18.2, Release 18.3.

Trust: 1.8

sources: NVD: CVE-2019-0048 // JVNDB: JVNDB-2019-006594 // VULHUB: VHN-140079 // VULMON: CVE-2019-0048

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 17.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 14.1x53

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.3

Trust: 1.0

vendor: juniper, model: junos os, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-006594 // NVD: CVE-2019-0048

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0048
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2019-0048
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-0048
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201907-623
value: MEDIUM

Trust: 0.6

VULHUB: VHN-140079
value: MEDIUM

Trust: 0.1

VULMON: CVE-2019-0048
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-0048
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-140079
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sirt@juniper.net: CVE-2019-0048
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-0048
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-140079 // VULMON: CVE-2019-0048 // JVNDB: JVNDB-2019-006594 // CNNVD: CNNVD-201907-623 // NVD: CVE-2019-0048 // NVD: CVE-2019-0048

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-254

Trust: 0.9

sources: VULHUB: VHN-140079 // JVNDB: JVNDB-2019-006594 // NVD: CVE-2019-0048

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-623

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201907-623

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-006594

PATCH

title: JSA10942, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10942&actp=METADATA

Trust: 0.8

title: Juniper Networks Junos OS Fixing measures for security feature vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95165

Trust: 0.6

sources: JVNDB: JVNDB-2019-006594 // CNNVD: CNNVD-201907-623

EXTERNAL IDS

db: NVD, id: CVE-2019-0048

Trust: 2.6

db: JUNIPER, id: JSA10942

Trust: 1.8

db: JVNDB, id: JVNDB-2019-006594

Trust: 0.8

db: CNNVD, id: CNNVD-201907-623

Trust: 0.7

db: AUSCERT, id: ESB-2019.2558

Trust: 0.6

db: VULHUB, id: VHN-140079

Trust: 0.1

db: VULMON, id: CVE-2019-0048

Trust: 0.1

sources: VULHUB: VHN-140079 // VULMON: CVE-2019-0048 // JVNDB: JVNDB-2019-006594 // CNNVD: CNNVD-201907-623 // NVD: CVE-2019-0048

REFERENCES

url:https://kb.juniper.net/jsa10942

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-0048

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0048

Trust: 0.8

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10942

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.2558/

Trust: 0.6

url:https://vigilance.fr/vulnerability/junos-os-privilege-escalation-via-ex4300-firewall-filter-29742

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-140079 // VULMON: CVE-2019-0048 // JVNDB: JVNDB-2019-006594 // CNNVD: CNNVD-201907-623 // NVD: CVE-2019-0048

SOURCES

db: VULHUB, id: VHN-140079
db: VULMON, id: CVE-2019-0048
db: JVNDB, id: JVNDB-2019-006594
db: CNNVD, id: CNNVD-201907-623
db: NVD, id: CVE-2019-0048

LAST UPDATE DATE

2024-08-14T14:26:13.786000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-140079, date: 2020-09-29T00:00:00
db: VULMON, id: CVE-2019-0048, date: 2020-09-29T00:00:00
db: JVNDB, id: JVNDB-2019-006594, date: 2019-07-24T00:00:00
db: CNNVD, id: CNNVD-201907-623, date: 2020-09-30T00:00:00
db: NVD, id: CVE-2019-0048, date: 2020-09-29T00:28:39.690

SOURCES RELEASE DATE

db: VULHUB, id: VHN-140079, date: 2019-07-11T00:00:00
db: VULMON, id: CVE-2019-0048, date: 2019-07-11T00:00:00
db: JVNDB, id: JVNDB-2019-006594, date: 2019-07-24T00:00:00
db: CNNVD, id: CNNVD-201907-623, date: 2019-07-11T00:00:00
db: NVD, id: CVE-2019-0048, date: 2019-07-11T20:15:11.257