CVE-2019-0006
Published Jan 15, 2019
Last updated 3 years ago
Overview
- Description
- A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 3.0
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644"
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F976AE31-75F6-4A52-A8F0-DCDDF62BBEEB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D"
},
{
"criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8"
},
{
"criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E"
},
{
"criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D"
},
{
"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0"
},
{
"criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837"
},
{
"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E"
},
{
"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168"
},
{
"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3"
},
{
"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9"
},
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
},
{
"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0"
},
{
"criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C"
},
{
"criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D"
},
{
"criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08"
},
{
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357"
},
{
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF"
},
{
"criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79"
},
{
"criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696"
},
{
"criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080"
},
{
"criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC"
},
{
"criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D"
},
{
"criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8"
},
{
"criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E"
},
{
"criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D"
},
{
"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0"
},
{
"criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837"
},
{
"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E"
},
{
"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168"
},
{
"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3"
},
{
"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9"
},
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
},
{
"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0"
},
{
"criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C"
},
{
"criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D"
},
{
"criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08"
},
{
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357"
},
{
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF"
},
{
"criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79"
},
{
"criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696"
},
{
"criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550"
},
{
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080"
},
{
"criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC"
},
{
"criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
},
{
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]