CVE-2019-0037
Published Apr 10, 2019
Last updated 3 years ago
Overview
- Description
- In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 3.0
- Type
- Secondary
- Base score
- 7.4
- Impact score
- 4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31001EA8-2C65-4D3D-AEC7-F298692E8752"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29805EC7-F643-40B7-B34F-3926151B0DFC"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C751DBA2-5E15-4953-A19A-BA320BC0D557"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d140:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2302E8E5-E659-45E0-9819-249064124C14"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d150:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACA1D9AB-E5C7-41AB-9F00-860B871B34BC"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d160:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63E9B877-18EA-4CAB-8A01-58E09CC60DE3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A062DBD-B40E-4D6E-85AA-E24FCF7F32A7"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC4704B0-D62E-415F-9B8A-49C1E686FD14"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d52:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A67EBC07-923F-4358-AFC0-9A966A3F980D"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d55:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43D1EFC0-908E-41C1-B4B0-C756845100FB"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55CD3841-EA43-4EC8-A3F1-42014411CC3F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d58:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD8657F5-CF1E-4492-8EA9-B269740E4183"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d59:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66ECD21D-FAD9-4DBF-8C6F-83C89118A33C"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7348840-EF3C-4BB2-BBED-CD78A82C069B"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50D9475A-F4FC-4BDA-B7E8-7A8EC2E3051B"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16:r4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CCE42E0-FB99-4573-B37F-CA2CFAED6E28"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16:r5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0A2595B-C942-4AFD-8D30-98D2D41B73A5"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16:r6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2E1CC20-8F24-4D0B-945A-0C21E93E60EB"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16:r7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9424B1E-5FA1-4D65-8553-D1728EC2B79D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C"
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A7231C6-1CC4-4E7A-A317-5315246D2540"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E34A149E-C2ED-4D86-A105-0A2775654AE7"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3778643-1684-4549-A764-A1909C14B4B3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11E055AC-5626-4EBB-8611-17BB1E8AEF15"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9689695F-53EB-4B35-9072-750E7282B011"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25C7C3D0-A203-4979-8375-A610ADD48E9E"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496"
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A"
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC"
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AD05209-1274-4F8A-9FA2-A1A8DFCC5755"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "167EEC4F-729E-47C2-B0F8-E8108CE3E985"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2x75-d10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14125AE2-5CD4-41DE-8290-09CE58EF7DF2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2"
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90"
}
],
"operator": "OR"
}
]
}
]