CVE-2018-0031 — Uncontrolled Resource Consumption in Networks Junos OS

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.2%

top 59.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedJul 11

Latest updateMay 13

Description

Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not cause a service interruption (e.g. RPD crash), but receipt of a high rate of UDP packets may be able to contribute to a denial of service attack. This issue only affects processing of transit UDP/IP packets over MPL…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os12.1X46 — 12.1X46-D76+18

▶NVDjuniper/junos16 versions+15

▶juniperjuniper/junos_os

▶juniperjuniper/qfx_series

🔴Vulnerability Details

GHSA

GHSA-4hf3-pfgq-x6pj: Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter↗2022-05-13

▶

📋Vendor Advisories

VMware

vRealize Operations updates address a local privilege escalation vulnerability↗2018-12-18

▶

Juniper

CVE-2018-0031: Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated↗2018-07-11

▶