Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-0054— QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames

EPSS 0.19% · P40
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0054

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
Source: NVD (National Vulnerability Database)
Vulnerability Description
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers are stuck on queue 7 of port 45 This issue only affects the QFX5000 Series products (QFX5100, QFX5110, QFX5200, QFX5210) and the EX4600 switch. No other platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on QFX5000 Series and EX4600; 15.1 versions prior to 15.1R7, 15.1R8 on QFX5000 Series and EX4600; 15.1X53 versions prior to 15.1X53-D233 on QFX5000 Series and EX4600; 16.1 versions prior to 16.1R7 on QFX5000 Series and EX4600; 16.2 versions prior to 16.2R3 on QFX5000 Series and EX4600; 17.1 versions prior to 17.1R2-S9, 17.1R3 on QFX5000 Series and EX4600; 17.2 versions prior to 17.2R2-S6, 17.2R3 on QFX5000 Series and EX4600; 17.2X75 versions prior to 17.2X75-D42 on QFX5000 Series and EX4600; 17.3 versions prior to 17.3R3 on QFX5000 Series and EX4600; 17.4 versions prior to 17.4R2 on QFX5000 Series and EX4600; 18.1 versions prior to 18.1R2 on QFX5000 Series and EX4600.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Junos OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Junos OS中存在拒绝服务漏洞。攻击者可通过发送高速率的Ethernet暂停帧或发送大量的ARP数据包利用该漏洞造成拒绝服务(路由协议数据包丢失)。基于QFX5000系列和EX4600系列平台的以下版本受到影响:Juniper Junos OS 14.1X53版本,15.1版本,15.1X53版本,16.1
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 14.1X53 ~ 14.1X53-D47 -

II. Public POCs for CVE-2018-0054

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-0054

Please Login to view more intelligence information

Same Patch Batch · Juniper Networks · 2018-10-10 · 21 CVEs total

CVE-2018-0053vSRX Series: A local authentication vulnerability may lead to full control of a vSRX insta
CVE-2018-0063Junos OS: Nexthop index allocation failed: private index space exhausted after incoming AR
CVE-2018-0062Junos OS: Denial of Service in J-Web
CVE-2018-0061Junos OS: Denial of service in telnetd
CVE-2018-0060Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd)
CVE-2018-0059ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability
CVE-2018-0058MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Deni
CVE-2018-0057Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in wi
CVE-2018-0056MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interface
CVE-2018-0055Junos OS: jdhcpd process crash during processing of specially crafted DHCPv6 message
CVE-2018-0043Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
CVE-2018-0052Junos OS: Unauthenticated remote root access possible when RSH service is enabled
CVE-2018-0051Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow d
CVE-2018-0050Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD
CVE-2018-0049Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel
CVE-2018-0048Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (R
CVE-2018-0047Junos Space Security Director: XSS vulnerability in web administration
CVE-2018-0046Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS
CVE-2018-0045Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in
CVE-2018-0044NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS

IV. Related Vulnerabilities

Same product: Junos OS
Same vendor: Juniper Networks

V. Comments for CVE-2018-0054

No comments yet

Leave a comment