CVE-2019-0060 — Improper Handling of Exceptional Conditions in Networks Junos OS

CWE-755 — Improper Handling of Exceptional Conditions3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 38.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedOct 9

Latest updateMay 24

Description

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 1…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶juniperjuniper/srx_series

▶CVEListV5juniper_networks/junos_os15.1X49 — 15.1X49-D171, 15.1X49-D180+2

▶NVDjuniper/junos15.1x49, 18.2, 18.4+2

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-c5vr-66hv-6685: The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packe↗2022-05-24

▶

📋Vendor Advisories

Juniper

CVE-2019-0060: The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packe↗2019-10-09

▶