CVE-2018-0030 Detail
Current Description
Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.
Source:
MITRE
Description Last Modified:
07/11/2018
View Analysis Description
Analysis Description
Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.
Source:
MITRE
Description Last Modified:
07/11/2018
Impact
CVSS v3.0 Severity and Metrics:
Base Score:
7.5 HIGH
Vector:
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
(V3 legend)
Impact Score:
3.6
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High
CVSS v2.0 Severity and Metrics:
Base Score:
5.0 MEDIUM
Vector:
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
(V2 legend)
Impact Subscore:
2.9
Exploitability Subscore:
10.0
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (AU):
None
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
Partial
Additional Information:
Allows disruption of service
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to nvd@nist.gov.
Technical Details
Vulnerability Type
(View All)
- Uncontrolled Resource Consumption ('Resource Exhaustion') (CWE-400)
Known Affected Software Configurations
Switch to CPE 2.2
Configuration 1 ( hide ) Configuration 2 ( hide ) Configuration 3 ( hide ) Configuration 4 ( hide ) Configuration 5 ( hide ) Configuration 6 ( hide ) Configuration 7 ( hide ) Configuration 8 ( hide ) Configuration 9 ( hide ) Configuration 10 ( hide )
Change History
2 change records found
- show changes
Initial Analysis -
9/11/2018 9:31:10 AM
| Action |
Type |
Old Value |
New Value |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:r6-s6:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:r7:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:15.1:f:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r4-s9:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r6-s3:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:16.1x65:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1x65:d30:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1x65:d35:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.1x65:d40:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:16.2:r3:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.1:r3:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.2:r2-s4:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:17.2x75:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.2x75:d90:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:* |
| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*
*cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:* |
| Added |
CVSS V2 |
|
(AV:N/AC:L/Au:N/C:N/I:N/A:P) |
| Added |
CVSS V3 |
|
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Added |
CWE |
|
CWE-400 |
| Changed |
Reference Type |
http://www.securitytracker.com/id/1041325 No Types Assigned |
http://www.securitytracker.com/id/1041325 Third Party Advisory, VDB Entry |
| Changed |
Reference Type |
https://kb.juniper.net/JSA10864 No Types Assigned |
https://kb.juniper.net/JSA10864 Vendor Advisory |
| Changed |
Reference Type |
https://kb.juniper.net/KB25385 No Types Assigned |
https://kb.juniper.net/KB25385 Vendor Advisory |
CVE Modified by MITRE -
7/27/2018 9:29:05 PM
| Action |
Type |
Old Value |
New Value |
| Added |
Reference |
|
http://www.securitytracker.com/id/1041325 [No Types Assigned] |
Quick Info
CVE Dictionary Entry:
CVE-2018-0030
NVD Published Date:
07/11/2018
NVD Last Modified:
09/11/2018
|