CVE-2019-0041— Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.

EPSS 0.28% · P51 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-0041

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.

Source: NVD (National Vulnerability Database)

Vulnerability Description

On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This issue does not affect any other EX series devices.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

访问控制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks EX4300-MP Junos OS 安全特征问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks EX4300-MP是美国瞻博网络（Juniper Networks）公司的一款4300系列企业级交换机。Junos OS是一套专用于该公司的硬件设备的网络操作系统。 Juniper Networks EX4300-MP中的Junos OS 18.2版本存在安全特征问题漏洞。该漏洞是源于网络系统或产品中缺少身份验证、访问控制、权限管理等安全措施。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	18.2 ~ 18.2R1-S2, 18.2R2	-

II. Public POCs for CVE-2019-0041

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-0041

请登录查看更多情报信息。

https://kb.juniper.net/JSA10933x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2019-0041

Same Patch Batch · Juniper Networks · 2019-04-10 · 16 CVEs total

CVE-2019-0008		QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding
CVE-2019-0019		BGP packets can trigger rpd crash when BGP tracing is enabled.
CVE-2019-0028		Junos OS: RPD process crashes due to specific BGP peer restarts condition.
CVE-2019-0031		Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6
CVE-2019-0032		Junos Space Service Now and Service Insight: Organization username and password stored in
CVE-2019-0033		SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when pr
CVE-2019-0035		Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes
CVE-2019-0036		Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored
CVE-2019-0037		Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message
CVE-2019-0038		SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices
CVE-2019-0039		Junos OS: Login credentials are vulnerable to brute force attacks through the REST API
CVE-2019-0040		Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses f
CVE-2019-0042		Incorrect messages from Juniper Identity Management Service (JIMS) can trigger Denial of S
CVE-2019-0043		Junos OS: RPD process crashes upon receipt of a specific SNMP packet
CVE-2019-0044		Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

Same weakness: CWE-284

V. Comments for CVE-2019-0041

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-0041— Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.

I. Basic Information for CVE-2019-0041

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-0041

III. Intelligence Information for CVE-2019-0041

Same Patch Batch · Juniper Networks · 2019-04-10 · 16 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-0041

Leave a comment