| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.4 | $0-$5k | 0.00 |
Summary
A vulnerability classified as critical has been found in Juniper Junos. This vulnerability affects unknown code of the component Kernel. The manipulation as part of MPLS Packet leads to resource management. This vulnerability is traded as CVE-2018-0003. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
Details
A vulnerability, which was classified as critical, has been found in Juniper Junos (Router Operating System) (version now known). This issue affects some unknown processing of the component Kernel. The manipulation as part of a MPLS Packet leads to a resource management vulnerability. Using CWE to declare the problem leads to CWE-399. Impacted is availability. The summary by CVE is:
A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71; 12.3R12 versions prior to 12.3R12-S7; 12.3X48 versions prior to 12.3X48-D55; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D45, 14.1X53-D107; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7; 15.1X49 versions prior to 15.1X49-D100; 15.1X53 versions prior to 15.1X53-D65, 15.1X53-D231; 16.1 versions prior to 16.1R3-S6, 16.1R4-S6, 16.1R5; 16.1X65 versions prior to 16.1X65-D45; 16.2 versions prior to 16.2R2-S1, 16.2R3; 17.1 versions prior to 17.1R2-S2, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2; 17.2X75 versions prior to 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue.
The bug was discovered 01/10/2018. The weakness was shared 01/10/2018 (Website). It is possible to read the advisory at kb.juniper.net. The identification of this vulnerability is CVE-2018-0003 since 11/16/2017. The exploitation is known to be easy. Access to the local network is required for this attack to succeed. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 106388 (Juniper Junos MPLS Packet Handling Remote DoS (JSA10831)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Junos Local Security Checks and running in the context c. The commercial vulnerability scanner Qualys is able to test this issue with plugin 43632 (Juniper Junos Kernel Crash Due to Crafted MPLS Packet Vulnerability (JSA10831)).
Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (106388) and SecurityFocus (BID 105715†). The entries VDB-111723, VDB-111722, VDB-111720 and VDB-111717 are related to this item. Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Vendor
Name
License
Website
- Vendor: https://www.juniper.net/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.5VulDB Meta Temp Score: 6.4
VulDB Base Score: 6.5
VulDB Temp Score: 6.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.5
NVD Vector: 🔍
CNA Base Score: 6.5
CNA Vector (Juniper Networks, Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Resource managementCWE: CWE-399 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 106388
Nessus Name: Juniper Junos MPLS Packet Handling Remote DoS (JSA10831)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Timeline
11/16/2017 🔍01/10/2018 🔍
01/10/2018 🔍
01/10/2018 🔍
01/10/2018 🔍
01/11/2018 🔍
01/26/2018 🔍
01/20/2023 🔍
Sources
Vendor: juniper.netAdvisory: kb.juniper.net
Status: Not defined
Confirmation: 🔍
CVE: CVE-2018-0003 (🔍)
GCVE (CVE): GCVE-0-2018-0003
GCVE (VulDB): GCVE-100-111719
SecurityFocus: 105715
SecurityTracker: 1040179
See also: 🔍
Entry
Created: 01/11/2018 16:29Updated: 01/20/2023 14:45
Changes: 01/11/2018 16:29 (68), 12/22/2019 09:00 (4), 01/29/2021 18:44 (2), 01/29/2021 18:48 (1), 01/20/2023 14:45 (11)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.