CVE-2019-0055 : What You Need to Know

An overview of CVE-2019-0055, a vulnerability in the SIP ALG of Juniper Networks Junos OS: affected systems, exploitation mechanism, and mitigation steps.

A weakness in the SIP ALG packet processing service of Juniper Networks Junos OS allows attackers to disrupt device functioning by sending specific legitimate SIP traffic, leading to a denial of service (DoS) situation.

Understanding CVE-2019-0055

This CVE affects Juniper Networks Junos OS on SRX Series devices with SIP ALG enabled.

What is CVE-2019-0055?

The vulnerability in SIP ALG processing allows attackers to crash the flowd process by sending certain valid SIP traffic, resulting in a persistent DoS condition.

The Impact of CVE-2019-0055

The vulnerability has a CVSS base score of 7.5 (High severity) with a low attack complexity and high availability impact.

Technical Details of CVE-2019-0055

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability in SIP ALG processing can lead to a sustained DoS condition by crashing the flowd process when handling specific SIP traffic.

Affected Systems and Versions

        Juniper Networks Junos OS 12.3X48 versions before 12.3X48-D61, 12.3X48-D65 on SRX Series
        Juniper Networks Junos OS 15.1X49 versions before 15.1X49-D130 on SRX Series
        Juniper Networks Junos OS 17.3 versions before 17.3R3 on SRX Series
        Juniper Networks Junos OS 17.4 versions before 17.4R2 on SRX Series
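
The version list above, turned into an inventory triage check (an added example, not code from Juniper or from this page). It assumes the lower listed fix, 12.3X48-D61, is the threshold for the 12.3X48 train; the function names and the sample inventory are constructed for illustration.

```python
import re

# Fixed release per affected train, from the advisory's version list.
# Assumption: for 12.3X48 the lower listed fix (D61) is the threshold.
FIXED = {
    "12.3X48": ("D", 61),
    "15.1X49": ("D", 130),
    "17.3": ("R", 3),
    "17.4": ("R", 2),
}

# Train, then release kind (R or D) and number; suffixes such as ".3" or "-S1" are ignored.
VERSION_RE = re.compile(r"^(\d+\.\d+(?:X\d+)?)-?([RD])(\d+)")


def parse_junos_version(version):
    """'15.1X49-D120.3' -> ('15.1X49', 'D', 120); '17.3R2-S1' -> ('17.3', 'R', 2)."""
    match = VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return match.group(1), match.group(2), int(match.group(3))


def status(version):
    """Return 'affected', 'fixed', or 'not-listed' (train absent from the advisory)."""
    train, kind, number = parse_junos_version(version)
    if train not in FIXED:
        return "not-listed"
    fixed_kind, fixed_number = FIXED[train]
    if kind != fixed_kind:
        raise ValueError(f"unexpected release kind in {version!r}")
    return "affected" if number < fixed_number else "fixed"


def affected_hosts(inventory):
    """Hosts from a {hostname: version} mapping that still need the update."""
    return sorted(h for h, v in inventory.items() if status(v) == "affected")


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = {
    "srx-branch-01": "12.3X48-D55",
    "srx-branch-02": "15.1X49-D130.2",
    "srx-dc-01": "17.3R2-S1",
    "srx-dc-02": "17.4R2",
    "srx-lab-01": "18.1R1",
}

if __name__ == "__main__":
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(host, SAMPLE_INVENTORY[host])
```

A version match is only half the check: only SRX Series devices with SIP ALG enabled are exposed.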

Exploitation Mechanism

        Attack Vector: Network
        Privileges Required: None
        User Interaction: None
        Attack Complexity: Low
        Scope: Unchanged
        Confidentiality Impact: None
        Integrity Impact: None
        Availability Impact: High

Mitigation and Prevention

Steps to address and prevent exploitation of CVE-2019-0055.

Immediate Steps to Take

        Disable SIP ALG if not needed

Long-Term Security Practices

        Regularly update Junos OS to the patched versions

Patching and Updates

        Update to the following software releases: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and subsequent releases
