CVE-2019-0048Sensitive Information Exposure in Networks Junos OS

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.8MEDIUMNVD
EPSS
0.2%
top 56.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Juniper Networks Junos OSJuniper JunosJuniper Junos OS
Timeline
PublishedJul 11
Latest updateMay 24

Description

On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filter is applied on the loopback interface, other firewall filters might stop working for multicast traffic. The command 'show firewall filter' can be used to confirm whether the filter is working. This i

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

CVEListV5juniper_networks/junos_os8 versions+7
NVDjuniper/junos8 versions+7

Patches

Patch: kb.juniper.netPatch: kb.juniper.net

🔴Vulnerability Details

1
GHSA
GHSA-5p6g-hf22-qx2m: On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high2022-05-24

📋Vendor Advisories

1
Juniper
CVE-2019-0048: On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high2019-07-11
CVE-2019-0048 — Sensitive Information Exposure | cvebase