CVE-2018-0050 : What You Need to Know
Learn about CVE-2018-0050, a vulnerability in Juniper Networks Junos OS allowing attackers to crash the Routing Protocols Daemon (RPD) by sending malformed MPLS RSVP packets, leading to a Denial of Service condition. Find out affected versions and mitigation steps.
A vulnerability in the Routing Protocols Daemon (RPD) of Juniper Networks Junos OS has been discovered, allowing a malicious actor to crash RPD by sending a malformed MPLS RSVP packet, leading to a Denial of Service condition. This CVE affects specific versions of Junos OS.
Understanding CVE-2018-0050
This CVE involves a vulnerability in Juniper Networks Junos OS that can be exploited to crash the Routing Protocols Daemon (RPD) through a malformed MPLS RSVP packet.
What is CVE-2018-0050?
The vulnerability in the Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows attackers to crash RPD by continuously sending a malformed MPLS RSVP packet, resulting in a sustained Denial of Service condition.
The Impact of CVE-2018-0050
- Affected versions: 14.1 versions prior to 14.1R8-S5 and 14.1R9, 14.1X53 versions prior to 14.1X53-D48 on QFX Switching, 14.2 versions prior to 14.1X53-D130 on QFabric System, and 14.2 versions prior to 14.2R4
- Only affects IPv4, not IPv6
- Exploitable if the targeted interface is configured to receive specific traffic
- CVSS Score: 7.5 (High)
Technical Details of CVE-2018-0050
This section provides detailed technical information about the vulnerability.
Vulnerability Description
The vulnerability allows attackers to crash the Routing Protocols Daemon (RPD) by sending malformed MPLS RSVP packets.
Affected Systems and Versions
- Junos OS 14.1 versions prior to 14.1R8-S5 and 14.1R9
- Junos OS 14.1X53 versions prior to 14.1X53-D48 on QFX Switching
- Junos OS 14.2 versions prior to 14.1X53-D130 on QFabric System
- Junos OS 14.2 versions prior to 14.2R4
Exploitation Mechanism
The vulnerability can be exploited by continuously sending malformed MPLS RSVP packets to the targeted interface.
Mitigation and Prevention
Protect your systems from CVE-2018-0050 with the following steps:
Immediate Steps to Take
- Update to the fixed software releases: 14.1R8-S5, 14.1R9, 14.1X53-D130, 14.1X53-D48, 14.2R4, 15.1R1, or later
- Remove MPLS configuration stanzas from at-risk interface configurations
Long-Term Security Practices
- Regularly update Junos OS to the latest versions
- Implement network segmentation and access controls
Patching and Updates
Ensure all systems are updated to the patched software releases to mitigate the vulnerability.