CVE-2019-0060
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.
EPSS 0.41% · 61.5th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper Networks | Junos OS | 18.2R2-S1, 18.4, * |
| juniper | junos | 15.1x49, 15.1x49, 15.1x49 |
Timeline
- Oct 9, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
References
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10962&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10954&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10953&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10957&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10952&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10965&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10964&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10960&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10963&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10958&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10966&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10956&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10955&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10961&cat=SIRT_1&actp=LIST advisory
- https://kb.juniper.net/JSA10959 url
- https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html url
- https://nvd.nist.gov/vuln/detail/CVE-2019-0060 advisory