CVE-2019-0048 : Security Advisory and Response

This CVE-2019-0048 article provides details about a vulnerability affecting Juniper Networks' Junos OS on EX4300 Series switches.

Understanding CVE-2019-0048

This vulnerability impacts EX4300 Series switches when a firewall filter is applied to a loopback interface, potentially causing failure of other firewall filters for multicast traffic.

What is CVE-2019-0048?

When TCAM optimization is enabled on EX4300 Series switches, incoming multicast traffic may incorrectly match with a high-priority implicit loopback filter rule, affecting firewall filter functionality.

The Impact of CVE-2019-0048

The vulnerability affects Juniper Networks' Junos OS on specific versions of EX4300 Series switches.
It may lead to multicast traffic issues when applying firewall filters on the loopback interface.

Technical Details of CVE-2019-0048

This section provides in-depth technical insights into the vulnerability.

Vulnerability Description

TCAM optimization on EX4300 switches causes incorrect matching of multicast traffic, impacting firewall filter operations.

Affected Systems and Versions

Junos OS versions prior to 14.1X53-D51, 14.1X53-D115, 17.1R3, 17.2R3-S2, 17.3R3-S3, 17.4R2-S5, 17.4R3, 18.1R3-S1, 18.2R2, and 18.3R2 on EX4300 Series.

Exploitation Mechanism

No known malicious exploitation reported by Juniper SIRT.

Mitigation and Prevention

Learn how to mitigate and prevent the CVE-2019-0048 vulnerability.

Immediate Steps to Take

Disable TCAM optimization on EX Series switches to mitigate the issue.

Long-Term Security Practices

Regularly monitor and update firewall filters to ensure proper functionality.

Patching and Updates

Update to the following software releases: 14.1X53-D51, 14.1X53-D115, 17.1R3, 17.2R3-S2, 17.3R3-S3, 17.4R2-S5, 17.4R3, 18.1R3-S1, 18.2R2, 18.3R2, 18.4R1, and subsequent releases.