{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "15.1F6-S12, 15.1R7-S3", "status": "affected", "version": "15.1", "versionType": "custom"}, {"lessThan": "15.1X49-D171, 15.1X49-D180", "status": "affected", "version": "15.1X49", "versionType": "custom"}, {"lessThan": "15.1X53-D236, 15.1X53-D496", "status": "affected", "version": "15.1X53", "versionType": "custom"}, {"lessThan": "16.1R3-S10, 16.1R7-S4", "status": "affected", "version": "16.1", "versionType": "custom"}, {"lessThan": "16.2R2-S8", "status": "affected", "version": "16.2", "versionType": "custom"}, {"lessThan": "17.1R2-S10, 17.1R3", "status": "affected", "version": "17.1", "versionType": "custom"}, {"lessThan": "17.2R1-S8, 17.2R3-S1", "status": "affected", "version": "17.2", "versionType": "custom"}, {"lessThan": "17.3R3-S3", "status": "affected", "version": "17.3", "versionType": "custom"}, {"lessThan": "17.4R1-S6, 17.4R2-S3", "status": "affected", "version": "17.4", "versionType": "custom"}, {"lessThan": "18.1R2-S4, 18.1R3-S2", "status": "affected", "version": "18.1", "versionType": "custom"}, {"lessThan": "18.2R2", "status": "affected", "version": "18.2", "versionType": "custom"}, {"lessThan": "18.2X75-D30", "status": "affected", "version": "18.2X75", "versionType": "custom"}, {"lessThan": "18.3R1-S2", "status": "affected", "version": "18.3", "versionType": "custom"}, {"lessThan": "15.1", "status": "unaffected", "version": "all", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "Sample configuration:\n\n user@host# edit system services dhcp-local-server dhcpv6"}], "datePublic": "2019-04-10T00:00:00", "descriptions": [{"lang": "en", "value": "In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-04-15T08:06:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10926"}, {"name": "107894", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107894"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1F6-S12, 15.1R7-S3, 15.1X49-D171, 15.1X49-D180, 15.1X53-D236, 15.1X53-D496, 16.1R3-S10, 16.1R7-S4, 16.2R2-S8, 17.1R2-S10, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S3, 17.4R1-S6, 17.4R2-S3, 18.1R2-S4, 18.1R3-S2, 18.2R2, 18.2X75-D30, 18.3R1-S2, 18.4R1, and all subsequent releases."}], "source": {"advisory": "JSA10926", "defect": ["1391983"], "discovery": "USER"}, "title": "Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message", "workarounds": [{"lang": "en", "value": "No known workaround exists for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.6"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2019-04-10T16:00:00.000Z", "ID": "CVE-2019-0037", "STATE": "PUBLIC", "TITLE": "Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"version_affected": "<", "version_name": "15.1", "version_value": "15.1F6-S12, 15.1R7-S3"}, {"version_affected": "<", "version_name": "15.1X49", "version_value": "15.1X49-D171, 15.1X49-D180"}, {"version_affected": "<", "version_name": "15.1X53", "version_value": "15.1X53-D236, 15.1X53-D496"}, {"version_affected": "<", "version_name": "16.1", "version_value": "16.1R3-S10, 16.1R7-S4"}, {"version_affected": "<", "version_name": "16.2", "version_value": "16.2R2-S8"}, {"version_affected": "<", "version_name": "17.1", "version_value": "17.1R2-S10, 17.1R3"}, {"version_affected": "<", "version_name": "17.2", "version_value": "17.2R1-S8, 17.2R3-S1"}, {"version_affected": "<", "version_name": "17.3", "version_value": "17.3R3-S3"}, {"version_affected": "<", "version_name": "17.4", "version_value": "17.4R1-S6, 17.4R2-S3"}, {"version_affected": "<", "version_name": "18.1", "version_value": "18.1R2-S4, 18.1R3-S2"}, {"version_affected": "<", "version_name": "18.2", "version_value": "18.2R2"}, {"version_affected": "<", "version_name": "18.2X75", "version_value": "18.2X75-D30"}, {"version_affected": "<", "version_name": "18.3", "version_value": "18.3R1-S2"}, {"version_affected": "!<", "version_name": "all", "version_value": "15.1"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "Sample configuration:\n\n user@host# edit system services dhcp-local-server dhcpv6"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.6"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10926", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10926"}, {"name": "107894", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107894"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1F6-S12, 15.1R7-S3, 15.1X49-D171, 15.1X49-D180, 15.1X53-D236, 15.1X53-D496, 16.1R3-S10, 16.1R7-S4, 16.2R2-S8, 17.1R2-S10, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S3, 17.4R1-S6, 17.4R2-S3, 18.1R2-S4, 18.1R3-S2, 18.2R2, 18.2X75-D30, 18.3R1-S2, 18.4R1, and all subsequent releases."}], "source": {"advisory": "JSA10926", "defect": ["1391983"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "No known workaround exists for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:07.400Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10926"}, {"name": "107894", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/107894"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2019-0037", "datePublished": "2019-04-10T20:13:51.375873Z", "dateReserved": "2018-10-11T00:00:00", "dateUpdated": "2024-09-16T18:59:07.314Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*", "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*", "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r7:*:*:*:*:*:*", "matchCriteriaId": "31001EA8-2C65-4D3D-AEC7-F298692E8752", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d30:*:*:*:*:*:*:*", "matchCriteriaId": "29805EC7-F643-40B7-B34F-3926151B0DFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d60:*:*:*:*:*:*:*", "matchCriteriaId": "C751DBA2-5E15-4953-A19A-BA320BC0D557", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d140:*:*:*:*:*:*:*", "matchCriteriaId": "2302E8E5-E659-45E0-9819-249064124C14", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d150:*:*:*:*:*:*:*", "matchCriteriaId": "ACA1D9AB-E5C7-41AB-9F00-860B871B34BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d160:*:*:*:*:*:*:*", "matchCriteriaId": "63E9B877-18EA-4CAB-8A01-58E09CC60DE3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d50:*:*:*:*:*:*:*", "matchCriteriaId": "5A062DBD-B40E-4D6E-85AA-E24FCF7F32A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d51:*:*:*:*:*:*:*", "matchCriteriaId": "CC4704B0-D62E-415F-9B8A-49C1E686FD14", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d52:*:*:*:*:*:*:*", "matchCriteriaId": "A67EBC07-923F-4358-AFC0-9A966A3F980D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d55:*:*:*:*:*:*:*", "matchCriteriaId": "43D1EFC0-908E-41C1-B4B0-C756845100FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d57:*:*:*:*:*:*:*", "matchCriteriaId": "55CD3841-EA43-4EC8-A3F1-42014411CC3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d58:*:*:*:*:*:*:*", "matchCriteriaId": "FD8657F5-CF1E-4492-8EA9-B269740E4183", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53-d59:*:*:*:*:*:*:*", "matchCriteriaId": "66ECD21D-FAD9-4DBF-8C6F-83C89118A33C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16:r2:*:*:*:*:*:*", "matchCriteriaId": "B7348840-EF3C-4BB2-BBED-CD78A82C069B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16:r3:*:*:*:*:*:*", "matchCriteriaId": "50D9475A-F4FC-4BDA-B7E8-7A8EC2E3051B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16:r4:*:*:*:*:*:*", "matchCriteriaId": "5CCE42E0-FB99-4573-B37F-CA2CFAED6E28", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16:r5:*:*:*:*:*:*", "matchCriteriaId": "D0A2595B-C942-4AFD-8D30-98D2D41B73A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16:r6:*:*:*:*:*:*", "matchCriteriaId": "D2E1CC20-8F24-4D0B-945A-0C21E93E60EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16:r7:*:*:*:*:*:*", "matchCriteriaId": "A9424B1E-5FA1-4D65-8553-D1728EC2B79D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*", "matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*", "matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s7:*:*:*:*:*:*", "matchCriteriaId": "5A7231C6-1CC4-4E7A-A317-5315246D2540", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*", "matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*", "matchCriteriaId": "E34A149E-C2ED-4D86-A105-0A2775654AE7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s9:*:*:*:*:*:*", "matchCriteriaId": "F3778643-1684-4549-A764-A1909C14B4B3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*", "matchCriteriaId": "11E055AC-5626-4EBB-8611-17BB1E8AEF15", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "9689695F-53EB-4B35-9072-750E7282B011", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*", "matchCriteriaId": "25C7C3D0-A203-4979-8375-A610ADD48E9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*", "matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*", "matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "5AD05209-1274-4F8A-9FA2-A1A8DFCC5755", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*", "matchCriteriaId": "167EEC4F-729E-47C2-B0F8-E8108CE3E985", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2x75-d10:*:*:*:*:*:*:*", "matchCriteriaId": "14125AE2-5CD4-41DE-8290-09CE58EF7DF2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causing a sustained Denial of Service (DoS) to both IPv4 and IPv6 clients. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496; 16.1 versions prior to 16.1R3-S10, 16.1R7-S4; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S2; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S2. This issue does not affect Junos OS releases prior to 15.1."}, {"lang": "es", "value": "En un entorno de Protocolo de configuraci\u00f3n din\u00e1mica de host versi\u00f3n 6 (DHCPv6), el demonio jdhcpd puede bloquearse y reiniciarse al recibir ciertos mensajes de solicitud de DHCPv6 de un cliente DHCPv6. Al enviar continuamente el mismo paquete especialmente modificado, un atacante puede bloquear repetidamente el proceso jdhcpd, causando una denegaci\u00f3n de servicio (DoS) sostenida tanto a clientes IPv4 como IPv6. Las versiones afectadas son el Juniper Networks Junos OS: 15.1 versiones anteriores a 15.1F6-S12, 15.1R7-S3; 15.1X49 versiones anteriores a 15.1X49-D171, 15.1X49-D180; 15.1X53 versiones anteriores a 15.1X53-D236, 15.1X53-D496; 16.1 versiones anteriores a 16.1R3-S10, 16.1R7-S4; 16.2 versiones anteriores a 16.2R2-S8; 17.1 versiones anteriores a 17.1R2-S10, 17.1R3; 17.2 versiones anteriores a 17.2R1-S8, 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S3; 17.4 versiones anteriores a 17.4R1-S6, 17.4R2-S3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S2; 18.2 versiones anteriores a 18.2R2; 18.2X75 versiones anteriores a 18.2X75-D30; 18.3 versiones anteriores a 18.3R1-S2. Este problema no afecta a las versiones del Junos OS anteriores a la 15.1."}], "id": "CVE-2019-0037", "lastModified": "2024-11-21T04:16:06.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-10T20:29:00.787", "references": [{"source": "sirt@juniper.net", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/107894"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10926"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/107894"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10926"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}