A vulnerability, which was classified as problematic, has been found in Juniper Junos on SRX (Router Operating System) (the affected version is unknown). Affected by this issue is an unknown code of the component flowd. The manipulation as part of a IP Packet leads to a exceptional condition vulnerability. Using CWE to declare the problem leads to CWE-755. The product does not handle or incorrectly handles an exceptional condition. Impacted is availability. CVE summarizes:

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.

The weakness was published 10/09/2019. This vulnerability is handled as CVE-2019-0060 since 10/11/2018. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. The technical details are unknown and an exploit is not available.

Upgrading eliminates this vulnerability.

Similar entries are available at 143214, 143213, 143212 and 143211.

Productinfo

Type

• Router Operating System

Vendor

• Juniper

Name

• Junos

License

• commercial

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion