CVE-2019-0003

When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400.

CVSS v3.0 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA10902	Vendor Advisory
http://www.securityfocus.com/bid/106544	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:12.1x46:::::::*
	cpe:2.3:o:juniper:junos:12.1x46:d40::::::
	cpe:2.3:o:juniper:junos:12.1x46:d50::::::
	cpe:2.3:o:juniper:junos:12.1x46:d15::::::
	cpe:2.3:o:juniper:junos:12.1x46:d20::::::
	cpe:2.3:o:juniper:junos:12.1x46:d25::::::
	cpe:2.3:o:juniper:junos:12.1x46:d30::::::
	cpe:2.3:o:juniper:junos:12.1x46:d55::::::
	cpe:2.3:o:juniper:junos:12.1x46:d60::::::
	cpe:2.3:o:juniper:junos:12.1x46:d10::::::
	cpe:2.3:o:juniper:junos:12.1x46:d35::::::
	cpe:2.3:o:juniper:junos:12.1x46:d45::::::

OR	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*
	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:juniper:junos:12.3:::::::*
	cpe:2.3:o:juniper:junos:12.3:r4::::::
	cpe:2.3:o:juniper:junos:12.3:r6::::::
	cpe:2.3:o:juniper:junos:12.3:r1::::::
	cpe:2.3:o:juniper:junos:12.3:r11::::::
	cpe:2.3:o:juniper:junos:12.3:r2::::::
	cpe:2.3:o:juniper:junos:12.3:r3::::::
	cpe:2.3:o:juniper:junos:12.3:r8::::::
	cpe:2.3:o:juniper:junos:12.3:r12::::::
	cpe:2.3:o:juniper:junos:12.3:r9::::::
	cpe:2.3:o:juniper:junos:12.3:r5::::::
	cpe:2.3:o:juniper:junos:12.3:r7::::::

Configuration 3 (hide)

AND

OR	cpe:2.3:o:juniper:junos:12.3x48:d10::::::
	cpe:2.3:o:juniper:junos:12.3x48:d20::::::
	cpe:2.3:o:juniper:junos:12.3x48:d60::::::
	cpe:2.3:o:juniper:junos:12.3x48:d30::::::
	cpe:2.3:o:juniper:junos:12.3x48:d35::::::
	cpe:2.3:o:juniper:junos:12.3x48:d40::::::
	cpe:2.3:o:juniper:junos:12.3x48:d45::::::
	cpe:2.3:o:juniper:junos:12.3x48:d15::::::
	cpe:2.3:o:juniper:junos:12.3x48:d25::::::
	cpe:2.3:o:juniper:junos:12.3x48:d55::::::
	cpe:2.3:o:juniper:junos:12.3x48:d65::::::

OR	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53:d15::::::
	cpe:2.3:o:juniper:junos:14.1x53:d30::::::
	cpe:2.3:o:juniper:junos:14.1x53:d40::::::
	cpe:2.3:o:juniper:junos:14.1x53:d16::::::
	cpe:2.3:o:juniper:junos:14.1x53:d25::::::
	cpe:2.3:o:juniper:junos:14.1x53:d26::::::
	cpe:2.3:o:juniper:junos:14.1x53:d27::::::
	cpe:2.3:o:juniper:junos:14.1x53:d43::::::
	cpe:2.3:o:juniper:junos:14.1x53:d44::::::
	cpe:2.3:o:juniper:junos:14.1x53:d45::::::
	cpe:2.3:o:juniper:junos:14.1x53:d35::::::
	cpe:2.3:o:juniper:junos:14.1x53:d10::::::
	cpe:2.3:o:juniper:junos:14.1x53:d42::::::
	cpe:2.3:o:juniper:junos:14.1x53:d46::::::

OR	cpe:2.3:h:juniper:ex2200\/vc:-:::::::*
	cpe:2.3:h:juniper:ex3300\/vc:-:::::::*
	cpe:2.3:h:juniper:qfx3500:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:ex4300:-:::::::*
	cpe:2.3:h:juniper:ex4550\/vc:-:::::::*
	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:ex6200:-:::::::*
	cpe:2.3:h:juniper:ex3200:-:::::::*
	cpe:2.3:h:juniper:ex4200:-:::::::*
	cpe:2.3:h:juniper:ex8200\/vc_\(xre\):-:::::::*
	cpe:2.3:h:juniper:qfx3600:-:::::::*

Configuration 5 (hide)

OR	cpe:2.3:o:juniper:junos:15.1:f3::::::
	cpe:2.3:o:juniper:junos:15.1:f5::::::
	cpe:2.3:o:juniper:junos:15.1:f7::::::
	cpe:2.3:o:juniper:junos:15.1:r1::::::
	cpe:2.3:o:juniper:junos:15.1:r7-s3::::::
	cpe:2.3:o:juniper:junos:15.1:r2::::::
	cpe:2.3:o:juniper:junos:15.1:r7-s2::::::
	cpe:2.3:o:juniper:junos:15.1:f1::::::
	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f4::::::
	cpe:2.3:o:juniper:junos:15.1:f6::::::

Configuration 6 (hide)

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:d20::::::
	cpe:2.3:o:juniper:junos:15.1x49:d60::::::
	cpe:2.3:o:juniper:junos:15.1x49:d70::::::
	cpe:2.3:o:juniper:junos:15.1x49:d110::::::
	cpe:2.3:o:juniper:junos:15.1x49:d130::::::
	cpe:2.3:o:juniper:junos:15.1x49:d75::::::
	cpe:2.3:o:juniper:junos:15.1x49:d80::::::
	cpe:2.3:o:juniper:junos:15.1x49:d90::::::
	cpe:2.3:o:juniper:junos:15.1x49:d100::::::
	cpe:2.3:o:juniper:junos:15.1x49:d35::::::
	cpe:2.3:o:juniper:junos:15.1x49:d40::::::
	cpe:2.3:o:juniper:junos:15.1x49:d50::::::
	cpe:2.3:o:juniper:junos:15.1x49:d30::::::
	cpe:2.3:o:juniper:junos:15.1x49:d45::::::
	cpe:2.3:o:juniper:junos:15.1x49:d65::::::
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d55::::::
	cpe:2.3:o:juniper:junos:15.1x49:d120::::::

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx300:-:::::::*
	cpe:2.3:h:juniper:srx4200:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx340:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx345:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx1500:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx4100:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx320:-:::::::*

Configuration 7 (hide)

AND

OR	cpe:2.3:o:juniper:junos:15.1x53:d21::::::
	cpe:2.3:o:juniper:junos:15.1x53:d25::::::
	cpe:2.3:o:juniper:junos:15.1x53:d40::::::
	cpe:2.3:o:juniper:junos:15.1x53:d56::::::
	cpe:2.3:o:juniper:junos:15.1x53:d30::::::
	cpe:2.3:o:juniper:junos:15.1x53:d32::::::
	cpe:2.3:o:juniper:junos:15.1x53:d33::::::
	cpe:2.3:o:juniper:junos:15.1x53:d34::::::
	cpe:2.3:o:juniper:junos:15.1x53:d20::::::
	cpe:2.3:o:juniper:junos:15.1x53:d210::::::
	cpe:2.3:o:juniper:junos:15.1x53:d45::::::

OR	cpe:2.3:h:juniper:ex2300:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*

Information

Published : 2019-01-15 13:29

Updated : 2020-09-28 18:49

NVD link : CVE-2019-0003

Mitre link : CVE-2019-0003

JSON object : View

CWE

CWE-617

Reachable Assertion

Products Affected

juniper

srx210
ex3200
srx1500
srx3600
srx4100
ex4300
ex8200\/vc_\(xre\)
ex3300\/vc
qfx5100
ex6200
ex4550\/vc
qfx3500
ex3400
ex4200
srx650
ex2300
srx550
srx300
srx4200
ex2200\/vc
srx340
srx5600
srx5800
srx5400
junos
srx240
srx110
srx3400
srx320
srx1400
srx100
ex4600
srx345
qfx3600
srx220

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-0003

5.9^/10

4.3^/10

Attach tags to `CVE-2019-0003`