CVE Vulnerability

CVE-2019-0044

Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://kb.juniper.net/JSA10936 Patch Vendor Advisory
http://www.securityfocus.com/bid/107872 Broken Link
Configurations

Configuration 1
Information

Published : 2019-04-10 08:29

Updated : 2021-10-28 12:44

NVD link : CVE-2019-0044

Mitre link : CVE-2019-0044

Products Affected

Juniper

Junos

Srx5400

Srx5600

Srx5800

CWE
NVD-CWE-noinfo