CVE-2018-0050

Published Oct 10, 2018

Last updated 4 days ago

CVSS high 7.5

Overview

Description: An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E87AF59-23AC-4CE2-98AE-41849D643A85"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E77B6650-6316-41D1-9EA3-4429DD972628"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E87AF59-23AC-4CE2-98AE-41849D643A85"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E77B6650-6316-41D1-9EA3-4429DD972628"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E03E379C-BC08-4FB7-9C01-41F75DFD281F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References