National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2019-0056 Detail

Current Description

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a Denial of Service (DoS) attack. This attack requires a relatively large number of specific Internet Mixed (IMIXed) types of genuine and valid IPv6 packets to be transferred by the attacker in a relatively short period of time, across three or more PFE's on the device at the same time. Continued receipt of the traffic sent by the attacker will continue to cause OSPF to remain in the Down starting state, or flap between other states and then again to Down, causing a persistent Denial of Service. This attack will affect all IPv4, and IPv6 traffic served by the OSPF routes once the OSPF states transition to Down. This issue affects: Juniper Networks Junos OS on MX480, MX960, MX2008, MX2010, MX2020: 18.1 versions prior to 18.1R2-S4, 18.1R3-S5; 18.1X75 version 18.1X75-D10 and later versions; 18.2 versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R1-S4, 18.3R2, 18.3R3; 18.4 versions prior to 18.4R1-S2, 18.4R2.

Source:  MITRE
View Analysis Description

Severity



CVSS 3.x Severity and Metrics:

NIST CVSS score matches with CNA score
CNA:  Juniper Networks, Inc.
Base Score: 7.5 HIGH
Vector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://kb.juniper.net/JSA10954 Vendor Advisory

Weakness Enumeration

CWE-ID CWE Name Source
CWE-20 Improper Input Validation NIST  
CWE-410 Insufficient Resource Pool Juniper Networks, Inc.  

Known Affected Software Configurations Switch to CPE 2.2

Configuration 1 ( hide )
 cpe:2.3:a:juniper:junos:18.1:r1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:a:juniper:junos:18.1:r2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 2 ( hide )
 cpe:2.3:o:juniper:junos:18.1x75:d10:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 3 ( hide )
 cpe:2.3:a:juniper:junos:18.2:r1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:a:juniper:junos:18.2:r1-s3:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:a:juniper:junos:18.2:r1-s4:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:a:juniper:junos:18.2:r2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 4 ( hide )
 cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.2x75:d20:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.2x75:d40:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 5 ( hide )
 cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)

Configuration 6 ( hide )
 cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*
     Show Matching CPE(s)
Running on/with
 cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
     Show Matching CPE(s)
 cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
     Show Matching CPE(s)


Change History

1 change record found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2019-0056
NVD Published Date:
10/09/2019
NVD Last Modified:
10/17/2019