CVE-2019-0059
09.10.2019, 20:15
A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device. This issue affects: Juniper Networks Junos OS: 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.1X75 all versions. Versions before 18.1R1 are not affected.Enginsight
| Vendor | Product | Version |
|---|---|---|
| juniper | junos | 18.1:r2 |
| juniper | junos | 18.1:r2-s1 |
| juniper | junos | 18.1:r2-s2 |
| juniper | junos | 18.1:r3 |
| juniper | junos | 18.1x75:x75 |
| juniper | junos | 18.1x75:x75 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-400 - Uncontrolled Resource ConsumptionThe software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
- CWE-401 - Missing Release of Memory after Effective LifetimeThe software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.