CVE-2018-0030

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securitytracker.com/id/1041325	Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10864	Vendor Advisory
https://kb.juniper.net/KB25385	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:juniper:junos:15.1:f::::::
	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f3::::::
	cpe:2.3:o:juniper:junos:15.1:f4::::::
	cpe:2.3:o:juniper:junos:15.1:f5::::::
	cpe:2.3:o:juniper:junos:15.1:f6::::::

Configuration 2 (hide)

OR	cpe:2.3:o:juniper:junos:15.1:::::::*
	cpe:2.3:o:juniper:junos:15.1:f4::::::
	cpe:2.3:o:juniper:junos:15.1:r1::::::
	cpe:2.3:o:juniper:junos:15.1:r2::::::
	cpe:2.3:o:juniper:junos:15.1:r6-s6::::::
	cpe:2.3:o:juniper:junos:15.1:r7::::::

Configuration 3 (hide)

OR	cpe:2.3:o:juniper:junos:16.1:::::::*
	cpe:2.3:o:juniper:junos:16.1:r1::::::
	cpe:2.3:o:juniper:junos:16.1:r2::::::
	cpe:2.3:o:juniper:junos:16.1:r3::::::
	cpe:2.3:o:juniper:junos:16.1:r4-s9::::::
	cpe:2.3:o:juniper:junos:16.1:r5-s4::::::
	cpe:2.3:o:juniper:junos:16.1:r6-s3::::::
	cpe:2.3:o:juniper:junos:16.1:r7::::::

Configuration 4 (hide)

OR	cpe:2.3:o:juniper:junos:16.1x65:::::::*
	cpe:2.3:o:juniper:junos:16.1x65:d30::::::
	cpe:2.3:o:juniper:junos:16.1x65:d35::::::
	cpe:2.3:o:juniper:junos:16.1x65:d40::::::

Configuration 5 (hide)

OR	cpe:2.3:o:juniper:junos:16.2:::::::*
	cpe:2.3:o:juniper:junos:16.2:r1::::::
	cpe:2.3:o:juniper:junos:16.2:r2-s5::::::
	cpe:2.3:o:juniper:junos:16.2:r3::::::

Configuration 6 (hide)

OR	cpe:2.3:o:juniper:junos:17.1:::::::*
	cpe:2.3:o:juniper:junos:17.1:r1::::::
	cpe:2.3:o:juniper:junos:17.1:r2-s7::::::
	cpe:2.3:o:juniper:junos:17.1:r3::::::

Configuration 7 (hide)

OR	cpe:2.3:o:juniper:junos:17.2:::::::*
	cpe:2.3:o:juniper:junos:17.2:r1::::::
	cpe:2.3:o:juniper:junos:17.2:r2-s4::::::
	cpe:2.3:o:juniper:junos:17.2:r3::::::

Configuration 8 (hide)

OR	cpe:2.3:o:juniper:junos:17.3:::::::*
	cpe:2.3:o:juniper:junos:17.3:r1::::::
	cpe:2.3:o:juniper:junos:17.3:r2::::::

Configuration 9 (hide)

OR	cpe:2.3:o:juniper:junos:17.4:::::::*
	cpe:2.3:o:juniper:junos:17.4:r1::::::
	cpe:2.3:o:juniper:junos:17.4:r2::::::

Configuration 10 (hide)

OR	cpe:2.3:o:juniper:junos:17.2x75:::::::*
	cpe:2.3:o:juniper:junos:17.2x75:d90::::::

History

No history.

Information

Published : 2018-07-11 18:29

Updated : 2023-12-10 12:44

NVD link : CVE-2018-0030

Mitre link : CVE-2018-0030

CVE.ORG link : CVE-2018-0030

JSON object : View

Products Affected

juniper

junos

CWE

CWE-400

Uncontrolled Resource Consumption

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2018-0030

7.5^/10

5.0^/10

Attach tags to `CVE-2018-0030`