CVE-2019-0003 — Reachable Assertion in Networks Junos OS
Severity
5.9MEDIUMNVD
EPSS
0.6%
top 30.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 15
Latest updateMay 13
Description
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions p…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6
Affected Packages5 packages
🔴Vulnerability Details
1GHSA▶
GHSA-3jqv-j83m-6qhf: When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec confi↗2022-05-13
📋Vendor Advisories
1Juniper▶
CVE-2019-0003: When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec confi↗2019-01-15
💬Community
22Bugzilla▶
CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08
Bugzilla▶
CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08
Bugzilla▶
CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08
Bugzilla▶
CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08
Bugzilla▶
CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-08