CVE-2019-0060: Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-0060

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets

Source: NVD (National Vulnerability Database)

Vulnerability Description

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 15.1X49版本、18.2版本和18.4版本（运行在SRX Series）存在安全漏洞。攻击者可利用该漏洞造成拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	15.1X49 ~ 15.1X49-D171, 15.1X49-D180	-

II. Public POCs for CVE-2019-0060

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-0060

Please Login to view more intelligence information

https://kb.juniper.net/JSA10959x_refsource_MISC
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.htmlx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2019-0060

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

V. Comments for CVE-2019-0060

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2019-0060

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-0060

III. Intelligence Information for CVE-2019-0060

IV. Related Vulnerabilities

V. Comments for CVE-2019-0060

Leave a comment