CVE-2018-0054

On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers are stuck on queue 7 of port 45 This issue only affects the QFX5000 Series products (QFX5100, QFX5110, QFX5200, QFX5210) and the EX4600 switch. No other platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on QFX5000 Series and EX4600; 15.1 versions prior to 15.1R7, 15.1R8 on QFX5000 Series and EX4600; 15.1X53 versions prior to 15.1X53-D233 on QFX5000 Series and EX4600; 16.1 versions prior to 16.1R7 on QFX5000 Series and EX4600; 16.2 versions prior to 16.2R3 on QFX5000 Series and EX4600; 17.1 versions prior to 17.1R2-S9, 17.1R3 on QFX5000 Series and EX4600; 17.2 versions prior to 17.2R2-S6, 17.2R3 on QFX5000 Series and EX4600; 17.2X75 versions prior to 17.2X75-D42 on QFX5000 Series and EX4600; 17.3 versions prior to 17.3R3 on QFX5000 Series and EX4600; 17.4 versions prior to 17.4R2 on QFX5000 Series and EX4600; 18.1 versions prior to 18.1R2 on QFX5000 Series and EX4600.

CVSS v3.0 6.5 MEDIUM
CVSS v2.0 3.3 LOW

6.5^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA10888	Vendor Advisory
http://www.securitytracker.com/id/1041855	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:d25::::::
	cpe:2.3:o:juniper:junos:14.1x53:d26::::::
	cpe:2.3:o:juniper:junos:14.1x53:d27::::::
	cpe:2.3:o:juniper:junos:14.1x53:d30::::::
	cpe:2.3:o:juniper:junos:14.1x53:d35::::::
	cpe:2.3:o:juniper:junos:14.1x53:d121::::::
	cpe:2.3:o:juniper:junos:14.1x53:d43::::::
	cpe:2.3:o:juniper:junos:14.1x53:d42::::::
	cpe:2.3:o:juniper:junos:14.1x53:d46::::::
	cpe:2.3:o:juniper:junos:14.1x53:d10::::::
	cpe:2.3:o:juniper:junos:14.1x53:d16::::::
	cpe:2.3:o:juniper:junos:14.1x53:d45::::::
	cpe:2.3:o:juniper:junos:14.1x53:d15::::::
	cpe:2.3:o:juniper:junos:14.1x53:d40::::::
	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53:d44::::::

OR	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f6::::::
	cpe:2.3:o:juniper:junos:15.1:r3::::::
	cpe:2.3:o:juniper:junos:15.1:r2::::::
	cpe:2.3:o:juniper:junos:15.1:f5::::::
	cpe:2.3:o:juniper:junos:15.1:r1::::::
	cpe:2.3:o:juniper:junos:15.1:f4::::::
	cpe:2.3:o:juniper:junos:15.1:f7::::::
	cpe:2.3:o:juniper:junos:15.1:r4::::::
	cpe:2.3:o:juniper:junos:15.1:r6::::::
	cpe:2.3:o:juniper:junos:15.1:f3::::::
	cpe:2.3:o:juniper:junos:15.1:r5::::::

OR	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:juniper:junos:15.1x53:d45::::::
	cpe:2.3:o:juniper:junos:15.1x53:d20::::::
	cpe:2.3:o:juniper:junos:15.1x53:d21::::::
	cpe:2.3:o:juniper:junos:15.1x53:d25::::::
	cpe:2.3:o:juniper:junos:15.1x53:d30::::::
	cpe:2.3:o:juniper:junos:15.1x53:d230::::::
	cpe:2.3:o:juniper:junos:15.1x53:d231::::::
	cpe:2.3:o:juniper:junos:15.1x53:d33::::::
	cpe:2.3:o:juniper:junos:15.1x53:d40::::::
	cpe:2.3:o:juniper:junos:15.1x53:d210::::::
	cpe:2.3:o:juniper:junos:15.1x53:d232::::::
	cpe:2.3:o:juniper:junos:15.1x53:::::::*
	cpe:2.3:o:juniper:junos:15.1x53:d32::::::
	cpe:2.3:o:juniper:junos:15.1x53:d34::::::

OR	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:ex4600:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:juniper:junos:16.1:r4::::::
	cpe:2.3:o:juniper:junos:16.1:r5::::::
	cpe:2.3:o:juniper:junos:16.1:::::::*
	cpe:2.3:o:juniper:junos:16.1:r2::::::
	cpe:2.3:o:juniper:junos:16.1:r6::::::
	cpe:2.3:o:juniper:junos:16.1:r1::::::
	cpe:2.3:o:juniper:junos:16.1:r3::::::

OR	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:ex4600:-:::::::*

Configuration 5 (hide)

AND

OR	cpe:2.3:o:juniper:junos:16.2:r2::::::
	cpe:2.3:o:juniper:junos:16.2:::::::*
	cpe:2.3:o:juniper:junos:16.2:r1::::::

OR	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*

Configuration 6 (hide)

AND

OR	cpe:2.3:o:juniper:junos:17.1:::::::*
	cpe:2.3:o:juniper:junos:17.1:r1::::::

OR	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*

Configuration 7 (hide)

AND

OR	cpe:2.3:o:juniper:junos:17.2:r1::::::
	cpe:2.3:o:juniper:junos:17.2:::::::*

OR	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*

Configuration 8 (hide)

AND

OR	cpe:2.3:o:juniper:junos:17.2x75:::::::*
	cpe:2.3:o:juniper:junos:17.2x75:d50::::::

OR	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*

Configuration 9 (hide)

AND

OR	cpe:2.3:o:juniper:junos:17.3:::::::*
	cpe:2.3:o:juniper:junos:17.3:r1::::::
	cpe:2.3:o:juniper:junos:17.3:r2::::::

OR	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*

Configuration 10 (hide)

AND

OR	cpe:2.3:o:juniper:junos:17.4:r1::::::
	cpe:2.3:o:juniper:junos:17.4:::::::*

OR	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*

Configuration 11 (hide)

AND

OR	cpe:2.3:o:juniper:junos:18.1:::::::*
	cpe:2.3:o:juniper:junos:18.1:r1::::::

OR	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*

Information

Published : 2018-10-10 11:29

Updated : 2019-10-09 16:31

NVD link : CVE-2018-0054

Mitre link : CVE-2018-0054

JSON object : View

CWE

CWE-400

Uncontrolled Resource Consumption

Products Affected

juniper

ex3400
qfx5210
junos
ex4600
qfx5120
qfx5100
qfx5110
qfx5200

6.5 /10

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

3.3 /10

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2018-0054

6.5^/10

3.3^/10

Attach tags to `CVE-2018-0054`