CVE-2018-0029 — Uncontrolled Resource Consumption in Networks Junos OS

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 63.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedJul 11

Latest updateMay 13

Description

While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). This issue only affects Junos OS 15.1 and later releases, and affects both single core and multi-core REs. Releases prior to Junos OS 15.1 are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S11, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.…

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os15.1 — 15.1F6-S11, 15.1R4-S9, 15.1R6-S6, 15.1R7+12

▶NVDjuniper/junos10 versions+9

▶juniperjuniper/junos_os

▶juniperjuniper/qfx_series

🔴Vulnerability Details

GHSA

GHSA-xfc6-58m9-wf28: While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system t↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2018-0029: While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system t↗2018-07-11

▶