Versio.io

CVE-2019-0028

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 10-04-2019 10:29
Last modified: - 24-01-2022 08:16
Total changes: - 2

Description

On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. By simulating a specific BGP session restart, an attacker can repeatedly crash the RPD process causing prolonged denial of service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R2. Junos OS releases prior to 16.1R1 are not affected.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
None
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
 

Verification logic

OR
vendor=juniper AND product=junos AND version=16.1 AND update=r1
vendor=juniper AND product=junos AND version=16.2 AND update=-
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s1
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s2
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s3
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s7
vendor=juniper AND product=junos AND version=17.1 AND update=-
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s1
vendor=juniper AND product=junos AND version=16.1x65 AND update=-
vendor=juniper AND product=junos AND version=17.4r2
vendor=juniper AND product=junos AND version=17.2x75 AND update=d102
vendor=juniper AND product=junos AND version=17.2x75 AND update=d110
vendor=juniper AND product=junos AND version=18.1 AND update=-
vendor=juniper AND product=junos AND version=16.1x65 AND update=d35
vendor=juniper AND product=junos AND version=16.1 AND update=r4
vendor=juniper AND product=junos AND version=16.1 AND update=r3
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s4
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s6
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s4
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s6
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s2
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s4
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s6
vendor=juniper AND product=junos AND version=17.2x75 AND update=d92
vendor=juniper AND product=junos AND version=17.2r3
vendor=juniper AND product=junos AND version=17.4 AND update=-
vendor=juniper AND product=junos AND version=17.4 AND update=r1-s1
vendor=juniper AND product=junos AND version=17.3 AND update=r2-s1
vendor=juniper AND product=junos AND version=16.1x65 AND update=d40
vendor=juniper AND product=junos AND version=16.1 AND update=r7
vendor=juniper AND product=junos AND version=16.1 AND update=r6-s1
vendor=juniper AND product=junos AND version=16.1 AND update=r5-s4
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s8
vendor=juniper AND product=junos AND version=16.2 AND update=r2
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s1
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s2
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s7
vendor=juniper AND product=junos AND version=17.2 AND update=r1
vendor=juniper AND product=junos AND version=17.2 AND update=-
vendor=juniper AND product=junos AND version=17.2x75
vendor=juniper AND product=junos AND version=17.4 AND update=r1-s2
vendor=juniper AND product=junos AND version=17.4 AND update=r1-s3
vendor=juniper AND product=junos AND version=17.3 AND update=-
vendor=juniper AND product=junos AND version=17.3 AND update=r2
vendor=juniper AND product=junos AND version=16.1x65 AND update=d30
vendor=juniper AND product=junos AND version=16.1 AND update=r3-s10
vendor=juniper AND product=junos AND version=16.1 AND update=r2
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s5
vendor=juniper AND product=junos AND version=16.2 AND update=r2-s7
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s3
vendor=juniper AND product=junos AND version=17.1 AND update=r2-s5
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s3
vendor=juniper AND product=junos AND version=17.2 AND update=r1-s5
vendor=juniper AND product=junos AND version=17.1r3
vendor=juniper AND product=junos AND version=17.3r3
vendor=juniper AND product=junos AND version=17.4 AND update=r1
 

Reference

 


Keywords

NVD

 

CVE-2019-0028

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.