CVE-2019-0005
Description
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.
Affected products
1- Range: 14.1X53 < 14.1X53-D47, 15.1 < 15.1R7, 15.1X53 < 15.1X53-D234 (QFX5200/QFX5110), 15.1X53 < 15.1X53-D591 (EX2300/EX3400), 16.1 < 16.1R7, 17.1 < 17.1R2-S10 or 17.1R3, 17.2 < 17.2R3, 17.3 < 17.3R3, 17.4 < 17.4R2, 18.1 < 18.1R2
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/106665mitrevdb-entryx_refsource_BID
- kb.juniper.net/JSA10905mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.