CVE-2018-0050: Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash.

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0050

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash.

Source: NVD (National Vulnerability Database)

Vulnerability Description

An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Junos OS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Junos OS中的路由协议守护进程（RPD）存在安全漏洞。攻击者可借助畸形的MPLS RSVP数据包利用该漏洞造成路由协议守护进程崩溃，导致拒绝服务。以下版本受到影响：Juniper Junos OS 14.1版本，14.1X53版本（QFX Switching），14.2版本（QFabric System）

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Juniper Networks	Junos OS	14.1 ~ 14.1R8-S5, 14.1R9	-
Juniper Networks	Junos OS	14.1X53 ~ 14.1X53-D48	-
Juniper Networks	Junos OS	14.2 ~ 14.1X53-D130	-

II. Public POCs for CVE-2018-0050

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-0050

Please Login to view more intelligence information

https://kb.juniper.net/JSA10884x_refsource_CONFIRM
http://www.securityfocus.com/bid/106206vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041851vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2018-0050

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

V. Comments for CVE-2018-0050

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2018-0050

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-0050

III. Intelligence Information for CVE-2018-0050

IV. Related Vulnerabilities

V. Comments for CVE-2018-0050

Leave a comment