CVE-2019-0063 — Improper Input Validation in Networks Junos OS

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 57.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedOct 9

Latest updateMay 24

Description

When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. This issue only affects systems configured with DHCPv6 enabled. DHCPv…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶juniperjuniper/mx_series

▶CVEListV5juniper_networks/junos_os15.1 — 15.1R7-S5+12

▶NVDjuniper/junos13 versions+12

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-96f8-g533-px5m: When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash whe↗2022-05-24

▶

📋Vendor Advisories

Juniper

CVE-2019-0063: When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash whe↗2019-10-09

▶