CVE-2019-0068 : Security Advisory and Response
Learn about CVE-2019-0068, a Denial of Service vulnerability in Junos OS on SRX Series due to specific multicast packets. Find out the impacted systems, exploitation details, and mitigation steps.
A Denial of Service vulnerability in the SRX flowd process of Junos OS on SRX Series due to specific multicast packets.
Understanding CVE-2019-0068
This CVE involves a vulnerability in the SRX flowd process of Junos OS on SRX Series, potentially leading to a Denial of Service (DoS) attack.
What is CVE-2019-0068?
The SRX flowd process, responsible for packet forwarding, can crash and restart when processing specific multicast packets, allowing attackers to trigger a sustained DoS by continuously sending these packets.
The Impact of CVE-2019-0068
- CVSS Base Score: 6.5 (Medium Severity)
- Attack Vector: Adjacent Network
- Availability Impact: High
- No known exploitation of this vulnerability by Juniper SIRT.
Technical Details of CVE-2019-0068
This section provides detailed technical information about the vulnerability.
Vulnerability Description
The vulnerability in the SRX flowd process can be exploited by attackers to crash the process by sending specific multicast packets, resulting in a DoS condition.
Affected Systems and Versions
The following versions of Junos OS on SRX Series are affected:
- Junos OS 17.3
- Junos OS 12.3X48 versions prior to 12.3X48-D90
- Junos OS 15.1X49 versions prior to 15.1X49-D180
- Junos OS 17.4 versions prior to 17.4R2-S5 and 17.4R3
- Junos OS 18.1 versions prior to 18.1R3-S6
- Junos OS 18.2 versions prior to 18.2R2-S4 and 18.2R3
- Junos OS 18.3 versions prior to 18.3R2-S1 and 18.3R3
- Junos OS 18.4 versions prior to 18.4R2
- Junos OS 19.1 versions prior to 19.1R1-S1 and 19.1R2
Exploitation Mechanism
The vulnerability can be exploited by sending specific multicast packets to the SRX flowd process, causing it to crash and restart, leading to a DoS condition.
Mitigation and Prevention
Steps to address and prevent the CVE-2019-0068 vulnerability.
Immediate Steps to Take
- Apply the provided software updates to the affected versions.
Long-Term Security Practices
- Regularly update Junos OS to the latest releases to mitigate potential vulnerabilities.
Patching and Updates
- Install the following software releases to resolve the issue: 12.3X48-D90, 15.1X49-D180, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.3R2-S1, 18.3R3, 18.4R2, 19.1R1-S1, 19.1R2, 19.2R1, and subsequent releases.