var-201901-1605
Vulnerability from variot
On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2. Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Juniper EX2300 and EX3400 series are switch products of Juniper Networks (Juniper Networks). Junos OS is a set of operating systems running on it. A security vulnerability exists in Junos OS Release 15.1X53, Release 18.1, and Release 18.2 on the Juniper EX2300 and EX3400 series
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-1605",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junos",
"scope": "eq",
"trust": 1.3,
"vendor": "juniper",
"version": "18.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "15.1x53"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "18.2"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "15.1x53"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "15.1x53-d590"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "18.2r2"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "18.2"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "18.1r3"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "18.1"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "18.1r2-s2"
},
{
"model": "junos 18.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 18.1r2-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 18.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 18.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d495",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d471",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d470",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d235",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d234",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d233",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d232",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d231",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d230",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ex3400 ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ex2300 ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 18.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 18.1r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 18.1r2-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d590",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "106548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:juniper:junos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106548"
}
],
"trust": 0.3
},
"cve": "CVE-2019-0009",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-0009",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-140040",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "sirt@juniper.net",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0009",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2019-0009",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-0009",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "sirt@juniper.net",
"id": "CVE-2019-0009",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-0009",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-369",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-140040",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140040"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2. Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a local denial-of-service vulnerability. \nA local attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Juniper EX2300 and EX3400 series are switch products of Juniper Networks (Juniper Networks). Junos OS is a set of operating systems running on it. A security vulnerability exists in Junos OS Release 15.1X53, Release 18.1, and Release 18.2 on the Juniper EX2300 and EX3400 series",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0009"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "BID",
"id": "106548"
},
{
"db": "VULHUB",
"id": "VHN-140040"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0009",
"trust": 2.8
},
{
"db": "BID",
"id": "106548",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10909",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-140040",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140040"
},
{
"db": "BID",
"id": "106548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"id": "VAR-201901-1605",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-140040"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:26:59.762000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10909",
"trust": 0.8,
"url": "https://kb.juniper.net/JSA10909"
},
{
"title": "Juniper EX2300 and EX3400 series Junos OS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88530"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140040"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/106548"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10909"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0009"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0009"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/us/en/products-services/nos/junos/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10909"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-140040"
},
{
"db": "BID",
"id": "106548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-140040"
},
{
"db": "BID",
"id": "106548"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-140040"
},
{
"date": "2019-01-09T00:00:00",
"db": "BID",
"id": "106548"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"date": "2019-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"date": "2019-01-15T21:29:01.137000",
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-140040"
},
{
"date": "2019-01-09T00:00:00",
"db": "BID",
"id": "106548"
},
{
"date": "2019-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001712"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-369"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2019-0009"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106548"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Junos OS Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001712"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-369"
}
],
"trust": 0.6
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.