Sign-up

ID

VAR-201907-1632


CVE

CVE-2019-0049


TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-006595

DESCRIPTION

On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. Repeated crashes of the RPD process can cause prolonged Denial of Service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S3; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.2X75 versions prior to 17.2X75-D105; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S7, 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D30; 18.3 versions prior to 18.3R1-S4, 18.3R2. Junos OS releases prior to 16.1R1 are not affected. Juniper Networks Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. The operating system provides a secure programming interface and Junos SDK. The following products and versions are affected: Juniper Networks Junos OS Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.2X75, Release 17.3, Release 17.4, Release 18.1, Release 18.2, Release 18.2X75, Release 18.3

Trust: 1.98

sources: NVD: CVE-2019-0049 // JVNDB: JVNDB-2019-006595 // BID: 109356 // VULHUB: VHN-140080

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:18.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:18.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.2x75

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:18.2x75

Trust: 1.0

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

vendor:junipermodel:junos 18.3r1-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.3r1-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.3r1-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.3r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.2x75-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.2x75-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.1r3-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r2-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r3-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d92scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d91scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d102scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d100scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.3r2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 18.3r1-s4scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 18.2x75-d30scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 18.2x75-d12scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 18.2r2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 18.1r3-s2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.4r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.4r2-s2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.3r3-s2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d105scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7-s3scope:neversion: -

Trust: 0.3

sources: BID: 109356 // JVNDB: JVNDB-2019-006595 // NVD: CVE-2019-0049

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0049
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2019-0049
value: HIGH

Trust: 1.0

NVD: CVE-2019-0049
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201907-671
value: HIGH

Trust: 0.6

VULHUB: VHN-140080
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-0049
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-140080
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sirt@juniper.net: CVE-2019-0049
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-0049
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-140080 // JVNDB: JVNDB-2019-006595 // CNNVD: CNNVD-201907-671 // NVD: CVE-2019-0049 // NVD: CVE-2019-0049

PROBLEMTYPE DATA

problemtype:CWE-404

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-140080 // JVNDB: JVNDB-2019-006595 // NVD: CVE-2019-0049

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-671

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201907-671

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-006595

PATCH
title:JSA10943url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10943&actp=METADATA
Trust: 0.8
title:Juniper Networks Junos OS Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95207
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-006595 // 
            
            
            
            CNNVD: CNNVD-201907-671

EXTERNAL IDS
db:NVDid:CVE-2019-0049
Trust: 2.8
db:JUNIPERid:JSA10943
Trust: 2.0
db:BIDid:109356
Trust: 0.9
db:JVNDBid:JVNDB-2019-006595
Trust: 0.8
db:CNNVDid:CNNVD-201907-671
Trust: 0.7
db:JUNIPERid:JSA10949
Trust: 0.6
db:JUNIPERid:JSA10947
Trust: 0.6
db:AUSCERTid:ESB-2019.2563
Trust: 0.6
db:VULHUBid:VHN-140080
Trust: 0.1
sources:
            
            
            VULHUB: VHN-140080 // 
            
            
            
            BID: 109356 // 
            
            
            
            JVNDB: JVNDB-2019-006595 // 
            
            
            
            CNNVD: CNNVD-201907-671 // 
            
            
            
            NVD: CVE-2019-0049

REFERENCES
url:https://kb.juniper.net/jsa10943
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-0049
Trust: 1.4
url:http://www.juniper.net/us/en/products-services/nos/junos/
Trust: 0.9
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10943&cat=sirt_1&actp=list&showdraft=false
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0049
Trust: 0.8
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10949
Trust: 0.6
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10947
Trust: 0.6
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10943
Trust: 0.6
url:https://vigilance.fr/vulnerability/junos-os-denial-of-service-via-bgp-peer-restarts-29743
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.2563/
Trust: 0.6
url:https://www.securityfocus.com/bid/109356
Trust: 0.6
url:http://www.juniper.net/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-140080 // 
            
            
            
            BID: 109356 // 
            
            
            
            JVNDB: JVNDB-2019-006595 // 
            
            
            
            CNNVD: CNNVD-201907-671 // 
            
            
            
            NVD: CVE-2019-0049

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 109356

SOURCES
db:VULHUBid:VHN-140080
db:BIDid:109356
db:JVNDBid:JVNDB-2019-006595
db:CNNVDid:CNNVD-201907-671
db:NVDid:CVE-2019-0049

LAST UPDATE DATE
2024-08-14T12:08:33.211000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-140080date:2019-10-09T00:00:00
db:BIDid:109356date:2019-07-10T00:00:00
db:JVNDBid:JVNDB-2019-006595date:2019-07-24T00:00:00
db:CNNVDid:CNNVD-201907-671date:2021-10-29T00:00:00
db:NVDid:CVE-2019-0049date:2021-10-28T12:44:16.507

SOURCES RELEASE DATE
db:VULHUBid:VHN-140080date:2019-07-11T00:00:00
db:BIDid:109356date:2019-07-10T00:00:00
db:JVNDBid:JVNDB-2019-006595date:2019-07-24T00:00:00
db:CNNVDid:CNNVD-201907-671date:2019-07-11T00:00:00
db:NVDid:CVE-2019-0049date:2019-07-11T20:15:11.333