CVE-2019-0040Sensitive Information Exposure in Networks Junos OS

CWE-200Sensitive Information Exposure6 documents4 sources
Severity
9.1CRITICALNVD
EPSS
0.5%
top 32.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Juniper Networks Junos OSJuniper JunosJuniper Junos OS
Timeline
PublishedApr 10
Latest updateMay 13

Description

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS). Note: Systems with

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

CVEListV5juniper_networks/junos_os15.115.1F6-S12, 15.1R7-S4+7
NVDjuniper/junos8 versions+7

🔴Vulnerability Details

1
GHSA
GHSA-99fv-28fj-8fh2: On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI)2022-05-13

📋Vendor Advisories

1
Juniper
CVE-2019-0040: On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be drop2019-04-10

💬Community

3
Bugzilla
CVE-2019-0545 .NET Core: NCL - SocketsHttpHandler mishandling 1xx response as a final response leads to info disclosure2018-12-18
Bugzilla
CVE-2019-0548 Asp.NET Core: AspNetCoreModule WebSocket DOS2018-12-18
Bugzilla
CVE-2019-0564 Asp.NET Core: Kestrel - WebSocket DoS via CancellationToken (CoreFX and ASP.NET)2018-12-18
CVE-2019-0040 — Sensitive Information Exposure | cvebase