CVE-2018-0048

A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;
References
Link Resource
http://www.securityfocus.com/bid/105564 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041849 Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10882 Vendor Advisory
http://www.securityfocus.com/bid/105564 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041849 Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10882 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:juniper:junos:17.2x75:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*

History

21 Nov 2024, 03:37

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/105564 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/105564 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1041849 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1041849 - Third Party Advisory, VDB Entry
References () https://kb.juniper.net/JSA10882 - Vendor Advisory () https://kb.juniper.net/JSA10882 - Vendor Advisory

Information

Published : 2018-10-10 18:29

Updated : 2024-11-21 03:37


NVD link : CVE-2018-0048

Mitre link : CVE-2018-0048

CVE.ORG link : CVE-2018-0048


JSON object : View

Products Affected

juniper

  • junos
CWE
CWE-400

Uncontrolled Resource Consumption