CVE-2018-0054 — Uncontrolled Resource Consumption in Networks Junos OS

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 59.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedOct 10

Latest updateMay 13

Description

On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers are stuck on queue 7 of port 45 This issue only affects the QFX5000 Series products (QFX5100, QFX5110, QFX5200, QFX5210) and the EX4600 switch. No…

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶juniperjuniper/qfx_series

▶CVEListV5juniper_networks/junos_os14.1X53 — 14.1X53-D47+10

▶NVDjuniper/junos11 versions+10

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-vh77-2vv6-g7qh: On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cau↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2018-0054: On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cau↗2018-10-10

▶