Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-0049— Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.

EPSS 0.84% · P75
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0049

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
Source: NVD (National Vulnerability Database)
Vulnerability Description
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an interface configured to receive this type of traffic. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D76 prior to 12.1X46-D81 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 12.3R12-S10; 12.3X48 versions above and including 12.3X48-D66 prior to 12.3X48-D75 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions above and including 14.1X53-D115 prior to 14.1X53-D130 on QFabric System; 15.1 versions above and including 15.1F6-S10; 15.1R4-S9; 15.1R6-S6; 15.1 versions above and including 15.1R7 prior to 15.1R7-S2; 15.1X49 versions above and including 15.1X49-D131 prior to 15.1X49-D150 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 15.1X53 versions above 15.1X53-D233 prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions up to and including 15.1X53-D471 prior to 15.1X53-D590 on NFX150, NFX250; 15.1X53-D67 on QFX10000 Series; 15.1X53-D59 on EX2300/EX3400; 16.1 versions above and including 16.1R3-S8; 16.1 versions above and including 16.1R4-S9 prior to 16.1R4-S12; 16.1 versions above and including 16.1R5-S4; 16.1 versions above and including 16.1R6-S3 prior to 16.1R6-S6; 16.1 versions above and including 16.1R7 prior to 16.1R7-S2; 16.2 versions above and including 16.2R1-S6; 16.2 versions above and including 16.2R2-S5 prior to 16.2R2-S7; 17.1R1-S7; 17.1 versions above and including 17.1R2-S7 prior to 17.1R2-S9; 17.2R1-S6; 17.2 versions above and including 17.2R2-S4 prior to 17.2R2-S6; 17.2X75 versions above and including 17.2X75-D100 prior to X17.2X75-D101, 17.2X75-D110; 17.3 versions above and including 17.3R1-S4 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.3 versions above and including 17.3R2-S2 prior to 17.3R2-S4 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.3R3 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.4 versions above and including 17.4R1-S3 prior to 17.4R1-S5 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.4R2 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.1 versions above and including 18.1R2 prior to 18.1R2-S3, 18.1R3 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.2 versions above and including 18.2R1 prior to 18.2R1-S2, 18.2R1-S3, 18.2R2 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.2X75 versions above and including 18.2X75-D5 prior to 18.2X75-D20.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Junos OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Junos OS中存在安全漏洞。攻击者可借助特制的MPLS数据包利用该漏洞造成Junos OS内核崩溃,导致拒绝服务。以下版本受到影响:Juniper Junos OS 12.1X46版本,12.3版本,12.3X48版本,14.1X53版本,15.1版本,15.1X49版本,15.1X53版本,16.1版本,
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 12.1X46-D76 ~ 12.1X46* -
Juniper NetworksJunos OS 12.3R12-S10 -
Juniper NetworksJunos OS 14.1X53-D47 -
Juniper NetworksJunos OS 14.1X53-D115 ~ 14.1X53* -
Juniper NetworksJunos OS 15.1X53-D233 ~ 15.1X53* -
Juniper NetworksJunos OS 15.1X53 ~ 15.1X53-D471 -
Juniper NetworksJunos OS 15.1X53-D67 -
Juniper NetworksJunos OS 15.1X53-D59 -
Juniper NetworksJunos OS 17.3R3 -

II. Public POCs for CVE-2018-0049

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-0049

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2018-10-10 · 21 CVEs total

CVE-2018-0054QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
CVE-2018-0063Junos OS: Nexthop index allocation failed: private index space exhausted after incoming AR
CVE-2018-0062Junos OS: Denial of Service in J-Web
CVE-2018-0061Junos OS: Denial of service in telnetd
CVE-2018-0060Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd)
CVE-2018-0059ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability
CVE-2018-0058MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Deni
CVE-2018-0057Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in wi
CVE-2018-0056MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interface
CVE-2018-0055Junos OS: jdhcpd process crash during processing of specially crafted DHCPv6 message
CVE-2018-0043Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
CVE-2018-0053vSRX Series: A local authentication vulnerability may lead to full control of a vSRX insta
CVE-2018-0052Junos OS: Unauthenticated remote root access possible when RSH service is enabled
CVE-2018-0051Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow d
CVE-2018-0050Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD
CVE-2018-0048Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (R
CVE-2018-0047Junos Space Security Director: XSS vulnerability in web administration
CVE-2018-0046Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS
CVE-2018-0045Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in
CVE-2018-0044NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS

IV. Related Vulnerabilities

Same product: Junos OS
Same vendor: Juniper Networks

V. Comments for CVE-2018-0049

No comments yet

Leave a comment