admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2019/0xxx/CVE-2019-0013.json
CVE Team aaf7f54182
"-Synchronized-Data."
2019-03-17 22:58:44 +00:00

162 lines
7.1 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID": "CVE-2019-0013",
"STATE": "PUBLIC",
"TITLE": "Junos OS: RPD crash upon receipt of malformed PIM packet"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "<",
"version_name": "12.1X46",
"version_value": "12.1X46-D77"
},
{
"affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D77"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1F6-S10, 15.1R6-S6, 15.1R7"
},
{
"affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D150"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D233, 15.1X53-D59"
},
{
"affected": "<",
"version_name": "16.1",
"version_value": "16.1R3-S8, 16.1R4-S8, 16.1R7"
},
{
"affected": "<",
"version_name": "16.2",
"version_value": "16.2R2-S6"
},
{
"affected": "<",
"version_name": "17.1",
"version_value": "17.1R2-S6, 17.1R3"
},
{
"affected": "<",
"version_name": "17.2",
"version_value": "17.2R2-S3, 17.2R3"
},
{
"affected": "<",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"affected": "<",
"version_name": "17.4",
"version_value": "17.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10913",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10913"
},
{
"name": "106519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106519"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.1X46-D77, 12.3X48-D77, 15.1F6-S10, 15.1R6-S6, 15.1R7, 15.1X49-D150, 15.1X53-D233, 15.1X53-D59, 16.1R3-S8, 16.1R4-S8, 16.1R7, 16.2R2-S6, 17.1R2-S6, 17.1R3, 17.2R2-S3, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10913",
"defect": [
"1293306"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "No known workaround exists for this issue."
}
]
}
Reference in New Issue View Git Blame Copy Permalink