CVE-2018-0048 — Uncontrolled Resource Consumption in Networks Junos OS

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

7.5HIGHNVD

EPSS

1.4%

top 19.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS

Timeline

PublishedOct 10

Latest updateMay 13

Description

A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 1…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5juniper_networks/junos_os17.2 — 17.2R1-S7, 17.2R2-S6, 17.2R3+4

▶NVDjuniper/junos5 versions+4

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-wc46-55v6-3w8c: A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion↗2018-08-17

▶

📋Vendor Advisories

Juniper

CVE-2018-0048: A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker↗2018-10-10

▶