Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0049

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an interface configured to receive this type of traffic. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D76 prior to 12.1X46-D81 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 12.3R12-S10; 12.3X48 versions above and including 12.3X48-D66 prior to 12.3X48-D75 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions above and including 14.1X53-D115 prior to 14.1X53-D130 on QFabric System; 15.1 versions above and including 15.1F6-S10; 15.1R4-S9; 15.1R6-S6; 15.1 versions above and including 15.1R7 prior to 15.1R7-S2; 15.1X49 versions above and including 15.1X49-D131 prior to 15.1X49-D150 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 15.1X53 versions above 15.1X53-D233 prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions up to and including 15.1X53-D471 prior to 15.1X53-D590 on NFX150, NFX250; 15.1X53-D67 on QFX10000 Series; 15.1X53-D59 on EX2300/EX3400; 16.1 versions above and including 16.1R3-S8; 16.1 versions above and including 16.1R4-S9 prior to 16.1R4-S12; 16.1 versions above and including 16.1R5-S4; 16.1 versions above and including 16.1R6-S3 prior to 16.1R6-S6; 16.1 versions above and including 16.1R7 prior to 16.1R7-S2; 16.2 versions above and including 16.2R1-S6; 16.2 versions above and including 16.2R2-S5 prior to 16.2R2-S7; 17.1R1-S7; 17.1 versions above and including 17.1R2-S7 prior to 17.1R2-S9; 17.2R1-S6; 17.2 versions above and including 17.2R2-S4 prior to 17.2R2-S6; 17.2X75 versions above and including 17.2X75-D100 prior to X17.2X75-D101, 17.2X75-D110; 17.3 versions above and including 17.3R1-S4 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.3 versions above and including 17.3R2-S2 prior to 17.3R2-S4 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.3R3 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.4 versions above and including 17.4R1-S3 prior to 17.4R1-S5 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 17.4R2 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.1 versions above and including 18.1R2 prior to 18.1R2-S3, 18.1R3 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.2 versions above and including 18.2R1 prior to 18.2R1-S2, 18.2R1-S3, 18.2R2 on All non-SRX Series and SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 and vSRX; 18.2X75 versions above and including 18.2X75-D5 prior to 18.2X75-D20.

Published

2018-10-10T18:29:02.030

Last Modified

2024-11-21T03:37:25.997

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

8.6

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-476
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System juniper junos 12.1x46 Yes
Operating System juniper junos 12.1x46 Yes
Operating System juniper junos 12.3x48 Yes
Operating System juniper junos 12.3x48 Yes
Hardware juniper srx100 - No
Hardware juniper srx110 - No
Hardware juniper srx1400 - No
Hardware juniper srx1500 - No
Hardware juniper srx210 - No
Hardware juniper srx220 - No
Hardware juniper srx240 - No
Hardware juniper srx240h2 - No
Hardware juniper srx300 - No
Hardware juniper srx320 - No
Hardware juniper srx340 - No
Hardware juniper srx3400 - No
Hardware juniper srx345 - No
Hardware juniper srx3600 - No
Hardware juniper srx380 - No
Hardware juniper srx4000 - No
Hardware juniper srx4100 - No
Hardware juniper srx4200 - No
Hardware juniper srx4600 - No
Hardware juniper srx5000 - No
Hardware juniper srx5400 - No
Hardware juniper srx550 - No
Hardware juniper srx550_hm - No
Hardware juniper srx550m - No
Hardware juniper srx5600 - No
Hardware juniper srx5800 - No
Hardware juniper srx650 - No
Operating System juniper junos 12.3 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 15.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.1 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 16.2 Yes
Operating System juniper junos 17.1 Yes
Operating System juniper junos 17.1 Yes
Operating System juniper junos 17.1 Yes
Operating System juniper junos 17.2 Yes
Operating System juniper junos 17.2 Yes
Operating System juniper junos 17.2x75 Yes
Operating System juniper junos 18.2x75 Yes
Operating System juniper junos 18.2x75 Yes
Operating System juniper junos 14.1x53 Yes
Hardware juniper ex2200 - No
Hardware juniper ex2200-vc - No
Hardware juniper ex3200 - No
Hardware juniper ex3300 - No
Hardware juniper ex3300-vc - No
Hardware juniper ex4200 - No
Hardware juniper ex4300 - No
Hardware juniper ex4550 - No
Hardware juniper ex4550-vc - No
Hardware juniper ex4600 - No
Hardware juniper ex6200 - No
Hardware juniper ex8200 - No
Hardware juniper ex8200-vc - No
Hardware juniper qfx3500 - No
Hardware juniper qfx3600 - No
Hardware juniper qfx5100 - No
Operating System juniper junos 15.1x49 Yes
Operating System juniper junos 15.1x49 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.3 Yes
Operating System juniper junos 17.4 Yes
Operating System juniper junos 17.4 Yes
Operating System juniper junos 17.4 Yes
Operating System juniper junos 18.1 Yes
Operating System juniper junos 18.1 Yes
Operating System juniper junos 18.1 Yes
Operating System juniper junos 18.2 Yes
Hardware juniper srx100 - No
Hardware juniper srx110 - No
Hardware juniper srx1500 - No
Hardware juniper srx210 - No
Hardware juniper srx220 - No
Hardware juniper srx240m - No
Hardware juniper srx300 - No
Hardware juniper srx320 - No
Hardware juniper srx340 - No
Hardware juniper srx345 - No
Hardware juniper srx4100 - No
Hardware juniper srx4200 - No
Hardware juniper srx4600 - No
Hardware juniper srx550m - No
Hardware juniper srx650 - No
Operating System juniper junos 15.1x53 Yes
Operating System juniper junos 15.1x53 Yes
Hardware juniper qfx5110 - No
Hardware juniper qfx5200 - No
Operating System juniper junos 15.1x53 Yes
Operating System juniper junos 15.1x53 Yes
Operating System juniper junos 15.1x53 Yes
Hardware juniper nfx150 - No
Hardware juniper nfx250 - No
Operating System juniper junos 15.1x53 Yes
Hardware juniper qfx10000 - No
Hardware juniper qfx10002 - No
Hardware juniper qfx10002-32q - No
Hardware juniper qfx10002-60c - No
Hardware juniper qfx10002-72q - No
Hardware juniper qfx10008 - No
Hardware juniper qfx10016 - No
Operating System juniper junos 15.1x53 Yes
Hardware juniper ex2300 - No
Hardware juniper ex3400 - No
References