Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-0064— Junos OS: SRX5000 Series: flowd process crash due to receipt of specific TCP packet

CVSS 7.5 · High EPSS 0.39% · P60
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-0064

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Junos OS: SRX5000 Series: flowd process crash due to receipt of specific TCP packet
Source: NVD (National Vulnerability Database)
Vulnerability Description
On SRX5000 Series devices, if 'set security zones security-zone <zone> tcp-rst' is configured, the flowd process may crash when a specific TCP packet is received by the device and triggers a new session. The process restarts automatically. However, receipt of a constant stream of these TCP packets may result in an extended Denial of Service (DoS) condition on the device. This issue affects Juniper Networks Junos OS: 18.2R3 on SRX 5000 Series; 18.4R2 on SRX 5000 Series; 19.2R1 on SRX 5000 Series.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Junos OS 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks SRX5000是美国瞻博网络(Juniper Networks)公司的一款5000系列安全服务网关设备。Junos OS是一套专用于该公司的硬件设备的网络操作系统。 Juniper Networks Junos OS 18.2R3版本、18.4R2版本和19.2R1版本中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。以下产品及版本受到影响:SRX 5000 Series(18.2R3版本);SRX 5000 Series(18.4R2版本);
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 18.2R3 -

II. Public POCs for CVE-2019-0064

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-0064

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2019-10-09 · 25 CVEs total

CVE-2019-00478.8 HIGHJunos OS: Persistent XSS vulnerability in J-Web
CVE-2019-00708.8 HIGHJunos OS: NFX Series: An Improper Input Validation weakness allows a malicious local attac
CVE-2019-00587.8 HIGHJunos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation.
CVE-2019-00617.8 HIGHJunos OS: Insecure management daemon (MGD) configuration may allow local privilege escalat
CVE-2019-00577.8 HIGHNFX Series: An attacker may be able to take control of the JDM application and subsequentl
CVE-2019-00717.8 HIGHJunos OS: EX2300, EX3400 Series: Veriexec signature checking not enforced in specific vers
CVE-2019-00607.5 HIGHJunos OS: SRX Series: flowd process crash due to processing of specific transit IP packets
CVE-2019-00567.5 HIGHJunos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to
CVE-2019-00557.5 HIGHJunos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP tr
CVE-2019-00507.5 HIGHJunos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic co
CVE-2019-00757.5 HIGHJunos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM
CVE-2019-00667.5 HIGHJunos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the r
CVE-2019-00627.5 HIGHJunos OS: Session fixation vulnerability in J-Web
CVE-2019-00597.5 HIGHJunos OS: The routing protocol process (rpd) may crash and generate core files upon receip
CVE-2019-00546.8 MEDIUMJunos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks
CVE-2019-00736.6 MEDIUMJunos OS: PKI key pairs are exported with insecure file permissions
CVE-2019-00686.5 MEDIUMJunos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets
CVE-2019-00676.5 MEDIUMJunos OS: Kernel crash (vmcore) upon receipt of a specific link-local IPv6 packet on devic
CVE-2019-00516.5 MEDIUMSRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.
CVE-2019-00636.5 MEDIUMJunos OS: MX Series: jdhcpd crash when receiving a specific crafted DHCP response message

Showing top 20 of 25 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Junos OS
Same vendor: Juniper Networks

V. Comments for CVE-2019-0064

No comments yet

Leave a comment