juniper junos 跨界内存写

CVE编号

CVE-2019-0008

利用情况

暂无

补丁情况

N/A

披露时间

2019-04-11
漏洞描述
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 juniper junos * From
(including)
15.1x53
Up to
(excluding)
15.1x53-d235
运行在以下环境
系统 juniper junos * From
(including)
17.1
Up to
(excluding)
17.1r3
运行在以下环境
系统 juniper junos * From
(including)
17.2
Up to
(excluding)
17.2r3
运行在以下环境
系统 juniper junos * From
(including)
17.3
Up to
(excluding)
17.3r3-s2
运行在以下环境
系统 juniper junos * From
(including)
17.4
Up to
(excluding)
17.4r2-s1
运行在以下环境
系统 juniper junos * From
(including)
18.1
Up to
(excluding)
18.1r3-s1
运行在以下环境
系统 juniper junos * From
(including)
18.2
Up to
(excluding)
18.2r2
运行在以下环境
系统 juniper junos * From
(including)
18.2x75
Up to
(excluding)
18.2x75-d30
运行在以下环境
系统 juniper junos * From
(including)
18.3
Up to
(excluding)
18.3r2
运行在以下环境
系统 juniper junos 14.1x53 -
运行在以下环境
系统 juniper junos 17.3r4 -
运行在以下环境
系统 juniper junos 17.4r3 -
运行在以下环境
系统 juniper junos 18.1r4 -
运行在以下环境
硬件 juniper ex4300 - -
运行在以下环境
硬件 juniper ex4300m - -
运行在以下环境
硬件 juniper ex4600 - -
运行在以下环境
硬件 juniper ex4650 - -
运行在以下环境
硬件 juniper qfx5100 - -
运行在以下环境
硬件 juniper qfx5110 - -
运行在以下环境
硬件 juniper qfx5120 - -
运行在以下环境
硬件 juniper qfx5200-32c - -
运行在以下环境
硬件 juniper qfx5200-48y - -
运行在以下环境
硬件 juniper qfx5210-64c - -
CVSS3评分
9.8
  • 攻击路径
    网络
  • 攻击复杂度
  • 权限要求
  • 影响范围
    未更改
  • 用户交互
  • 可用性
  • 保密性
  • 完整性
CWE-ID 漏洞类型
CWE-787 跨界内存写
阿里云安全产品覆盖情况