CVE-2019-0005 — Allocation of Resources Without Limits or Throttling in Juniper Junos
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 45.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 15
Latest updateMay 13
Description
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 ve…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages4 packages
🔴Vulnerability Details
1GHSA▶
GHSA-8r5w-fx9q-rh85: On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers↗2022-05-13
📋Vendor Advisories
1Juniper▶
CVE-2019-0005: On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This is↗2019-01-15
💬Community
13Bugzilla▶
CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-07
Bugzilla▶
CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting↗2020-09-07
Bugzilla▶
CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-07
Bugzilla▶
CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting↗2020-09-07