-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1266
                 2019-04 Juniper Security Bulletin: Junos OS
                               12 April 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Junos OS
Publisher:         Juniper Networks
Operating System:  Network Appliance
Impact/Access:     Administrator Compromise -- Console/Physical
                   Denial of Service        -- Remote/Unauthenticated
                   Unauthorised Access      -- Remote/Unauthenticated
                   Reduced Security         -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-0044 CVE-2019-0039 CVE-2019-0037 CVE-2019-0036
                   CVE-2019-0035 CVE-2019-0034 CVE-2019-0031

Original Bulletin:
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10920
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10924
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10925
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10926
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10928
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10929
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10936

Comment: This bulletin contains seven (7) Juniper Networks security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

2019-04 Security Bulletin: Junos OS: jdhcpd daemon memory consumption Denial of
Service when receiving specific IPv6 DHCP packets. (CVE-2019-0031)

Article ID:       JSA10920
Last Updated:     10 Apr 2019
Version:          6.0

Product Affected:
This issue affects Junos OS 17.4, 18.1.

Problem:
Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory
resource consumption issue to occur on a Junos OS device using the jdhcpd daemon
configured to respond to IPv6 requests.
Once started, memory consumption will eventually impact any IPv4 or IPv6 request
serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition
to clients requesting and not receiving IP addresses.

Additionally, some clients which were previously holding IPv6 addresses will not
have their IPv6 Identity Association (IA) address and network tables agreed upon
by the jdhcpd daemon after the failover event occurs, which leads to more than
one interface, and multiple IP addresses, being denied on the client.

Affected releases are Juniper Networks Junos OS:

  o 17.4 versions prior to 17.4R2;
  o 18.1 versions prior to 18.1R2.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was found during internal product security testing or research.

This issue has been assigned CVE-2019-0031.

Solution:
The following software releases have been updated to resolve this specific
issue: 17.4R2, 18.1R2, 18.2R1, and all subsequent releases.

This issue is being tracked as PR 1333381 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
Customers may discontinue processing or serving DHCPv6 address assignments until
such time that fixes can be taken. This workaround is helpful for large IPv4
environments with fewer or considered less important IPv6 clients.

Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  2019-04-10: Initial Publication.
Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team
  o CVE-2019-0031 at cve.mitre.org

CVSS Score:
7.4 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

Risk Level:
High

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: 'set system ports console insecure' allows
root password recovery on OAM volumes (CVE-2019-0035)

Article ID:       JSA10924
Last Updated:     10 Apr 2019
Version:          1.0

Product Affected:
This issue affects Junos OS 15.1, 15.1X49, 15.1X53, 16.1, 16.1X65, 16.2, 17.1,
17.2, 17.3, 17.4, 18.1, 18.2, 18.2X75, 18.3.

Problem:
When "set system ports console insecure" is enabled, root login is disallowed
for Junos OS as expected. However, the root password can be changed using
"set system root-authentication plain-text-password" on systems booted from an
OAM (Operations, Administration, and Maintenance) volume, leading to a possible
administrative bypass with physical access to the console.

OAM volumes (e.g. flash drives) are typically instantiated as /dev/gpt/oam, or
/oam for short.

Password recovery, changing the root password from a console, should not have
been allowed from an insecure console.
Affected releases are Juniper Networks Junos OS:

  o 15.1 versions prior to 15.1F6-S12, 15.1R7-S3;
  o 15.1X49 versions prior to 15.1X49-D160;
  o 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D68;
  o 16.1 versions prior to 16.1R3-S10, 16.1R6-S6, 16.1R7-S3;
  o 16.1X65 versions prior to 16.1X65-D49;
  o 16.2 versions prior to 16.2R2-S8;
  o 17.1 versions prior to 17.1R2-S10, 17.1R3;
  o 17.2 versions prior to 17.2R1-S8, 17.2R3-S1;
  o 17.3 versions prior to 17.3R3-S3;
  o 17.4 versions prior to 17.4R1-S6, 17.4R2-S2;
  o 18.1 versions prior to 18.1R2-S4, 18.1R3-S3;
  o 18.2 versions prior to 18.2R2;
  o 18.2X75 versions prior to 18.2X75-D40;
  o 18.3 versions prior to 18.3R1-S2.

This issue does not affect Junos OS releases prior to 15.1.

Administrators can disable root login connections to the console, and if running
a fixed release, restrict single-user mode password recovery via the following
configuration command:

  user@host# set system ports console insecure

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was found during internal product security testing or research.

This issue has been assigned CVE-2019-0035.

Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 15.1F6-S12, 15.1R7-S3, 15.1X49-D160, 15.1X53-D236, 15.1X53-D496,
15.1X53-D68, 16.1R3-S10, 16.1R6-S6, 16.1R7-S3, 16.1X65-D49, 16.2R2-S8,
17.1R2-S10, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S3, 17.4R1-S6, 17.4R2-S2,
18.1R2-S4, 18.1R3-S3, 18.2R2, 18.2X75-D40, 18.3R1-S2, 18.4R1, and all subsequent
releases.

This issue is being tracked as PR 1368998 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
Limit physical access to the recovery console to only trusted administrators.

Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.
Modification History:
  o 2019-04-10: Initial Publication

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team

CVSS Score:
6.8 (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Risk Level:
Medium

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: Firewall filter terms named "internal-1"
and "internal-2" being ignored (CVE-2019-0036)

Article ID:       JSA10925
Last Updated:     10 Apr 2019
Version:          1.0

Product Affected:
This issue affects Junos OS 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49,
15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.2X75, 18.3, 18.4.

Problem:
When configuring a stateless firewall filter in Junos OS, terms named using the
format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently
ignored. No warning is issued during configuration, and the config is committed
without error, but the filter criteria will match all packets leading to
unexpected results.
Affected releases are Juniper Networks Junos OS:

  o All versions prior to and including 12.3;
  o 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49;
  o 15.1 versions prior to 15.1F6-S12, 15.1R7-S4;
  o 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170;
  o 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69;
  o 16.1 versions prior to 16.1R7-S4, 16.1R7-S5;
  o 16.2 versions prior to 16.2R2-S9;
  o 17.1 versions prior to 17.1R3;
  o 17.2 versions prior to 17.2R1-S8, 17.2R3-S1;
  o 17.3 versions prior to 17.3R3-S4;
  o 17.4 versions prior to 17.4R1-S7, 17.4R2-S3;
  o 18.1 versions prior to 18.1R2-S4, 18.1R3-S4;
  o 18.2 versions prior to 18.2R1-S5, 18.2R2-S1;
  o 18.2X75 versions prior to 18.2X75-D40;
  o 18.3 versions prior to 18.3R1-S3;
  o 18.4 versions prior to 18.4R1-S1, 18.4R1-S2.

Sample configuration:

  term internal-1 {
      from {
          source-address {
              157.249.32.21/32;
          }
          destination-address {
              157.249.197.64/30;
          }
          protocol udp;
          destination-port 123;
      }
      then {
          count scan-ad-internal-1;
          accept;
      }
  }

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2019-0036.

Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161,
15.1X49-D170, 15.1X53-D236, 15.1X53-D496, 15.1X53-D69, 16.1R7-S4, 16.2R2-S9,
17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S4, 17.4R1-S7, 17.4R2-S3, 18.1R2-S4,
18.1R3-S4, 18.2R1-S5, 18.2R2-S1, 18.2X75-D40, 18.3R1-S3, 18.4R1-S1, 19.1R1, and
all subsequent releases.

Note: Fixes are not available for Junos OS 12.1X46, 12.3X48, or 12.3R12 due to
the high risk of making changes to earlier releases, and the easily implemented
available workaround.

This issue is being tracked as PR 1394922 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).
Workaround:
Avoid configuring firewall filter term names of the format: internal-n

Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  o 2019-04-10: Initial Publication

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team

CVSS Score:
7.2 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)

Risk Level:
High

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: jdhcpd crash upon receipt of crafted DHCPv6
solicit message (CVE-2019-0037)

Article ID:       JSA10926
Last Updated:     10 Apr 2019
Version:          1.0

Product Affected:
This issue affects Junos OS 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2,
17.3, 17.4, 18.1, 18.2, 18.2X75, 18.3.

Problem:
In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the
jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit
messages received from a DHCPv6 client. By continuously sending the same crafted
packet, an attacker can repeatedly crash the jdhcpd process causing a sustained
Denial of Service (DoS) to both IPv4 and IPv6 clients.
Affected releases are Juniper Networks Junos OS:

  o 15.1 versions prior to 15.1F6-S12, 15.1R7-S3;
  o 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180;
  o 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496;
  o 16.1 versions prior to 16.1R3-S10, 16.1R7-S4;
  o 16.2 versions prior to 16.2R2-S8;
  o 17.1 versions prior to 17.1R2-S10, 17.1R3;
  o 17.2 versions prior to 17.2R1-S8, 17.2R3-S1;
  o 17.3 versions prior to 17.3R3-S3;
  o 17.4 versions prior to 17.4R1-S6, 17.4R2-S3;
  o 18.1 versions prior to 18.1R2-S4, 18.1R3-S2;
  o 18.2 versions prior to 18.2R2;
  o 18.2X75 versions prior to 18.2X75-D30;
  o 18.3 versions prior to 18.3R1-S2.

This issue does not affect Junos OS releases prior to 15.1.

Sample configuration:

  user@host# edit system services dhcp-local-server dhcpv6

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2019-0037.

Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 15.1F6-S12, 15.1R7-S3, 15.1X49-D171, 15.1X49-D180, 15.1X53-D236,
15.1X53-D496, 16.1R3-S10, 16.1R7-S4, 16.2R2-S8, 17.1R2-S10, 17.1R3, 17.2R1-S8,
17.2R3-S1, 17.3R3-S3, 17.4R1-S6, 17.4R2-S3, 18.1R2-S4, 18.1R3-S2, 18.2R2,
18.2X75-D30, 18.3R1-S2, 18.4R1, and all subsequent releases.

This issue is being tracked as PR 1391983 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
No known workaround exists for this issue.

Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  o 2019-04-10: Initial Publication

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team

CVSS Score:
7.4 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

Risk Level:
High

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: Login credentials are vulnerable to brute
force attacks through the REST API (CVE-2019-0039)

Article ID:       JSA10928
Last Updated:     10 Apr 2019
Version:          1.0

Product Affected:
This issue affects Junos OS 14.1X53, 15.1, 15.1X49, 15.1X53, 16.1, 16.1X65,
16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.2X75, 18.3.

Problem:
If REST API is enabled, the Junos OS login credentials are vulnerable to brute
force attacks. The high default connection limit of the REST API may allow an
attacker to brute-force passwords using advanced scripting techniques.
Additionally, administrators who do not enforce a strong password policy can
increase the likelihood of success from brute force attacks.
Affected releases are Juniper Networks Junos OS:

  o 14.1X53 versions prior to 14.1X53-D49;
  o 15.1 versions prior to 15.1F6-S12, 15.1R7-S3;
  o 15.1X49 versions prior to 15.1X49-D160;
  o 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591,
    15.1X53-D69;
  o 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3;
  o 16.1X65 versions prior to 16.1X65-D49;
  o 16.2 versions prior to 16.2R2-S7;
  o 17.1 versions prior to 17.1R2-S10, 17.1R3;
  o 17.2 versions prior to 17.2R1-S8, 17.2R3-S1;
  o 17.3 versions prior to 17.3R3-S2;
  o 17.4 versions prior to 17.4R1-S6, 17.4R2-S2;
  o 18.1 versions prior to 18.1R2-S4, 18.1R3-S1;
  o 18.2 versions prior to 18.2R1-S5;
  o 18.2X75 versions prior to 18.2X75-D30;
  o 18.3 versions prior to 18.3R1-S1.

The REST API can be enabled using the following configuration option:

  system services rest http
  system services rest enable-explorer

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was found during internal product security testing or research.

This issue has been assigned CVE-2019-0039.

Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 14.1X53-D49, 15.1F6-S12, 15.1R7-S3, 15.1X49-D160, 15.1X53-D236,
15.1X53-D495, 15.1X53-D591, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6,
16.1R7-S3, 16.1X65-D49, 16.2R2-S7, 17.1R2-S10, 17.1R3, 17.2R1-S8, 17.2R3-S1,
17.3R3-S2, 17.4R1-S6, 17.4R2-S2, 18.1R2-S4, 18.1R3-S1, 18.2R1-S5, 18.2X75-D30,
18.3R1-S1, 18.4R1, and all subsequent releases.

This issue is being tracked as PR 1289313 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
  o Setting a connection limit on REST API may help mitigate this issue. For
    example:

      set system services rest control connection-limit 100

  o Use access lists or firewall filters to limit API access to the device only
    from trusted hosts.
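Two of the conditions in this bulletin can be checked mechanically from a device's configuration: the CVE-2019-0036 advisory above (firewall filter terms named "internal-n" are silently ignored) and this advisory's REST API workaround (a connection limit on the REST service). The following audit script is an added example, not Juniper's or AusCERT's code. It reads a configuration in the `show configuration | display set` form; the sample dump, the filter names `scan-ad` and `legacy-edge`, and the `rest https` form of the enable knob are assumptions for the example, while the addresses and the `internal-1` term body follow the advisory's own sample and the ceiling of 100 connections is the value in the workaround.

```python
"""Audit a Junos 'show configuration | display set' dump for two conditions
described in this bulletin.  Added example, not Juniper's code.

  * CVE-2019-0036: stateless firewall filter terms named "internal-<n>" are
    silently ignored on affected releases, so every such term name is flagged.
  * CVE-2019-0039: the REST API is enabled without the connection-limit
    workaround, or with a limit above the chosen ceiling.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample in 'display set' form.  The filter names are made up;
# the addresses and the 'internal-1' term body follow the advisory's sample.
SAMPLE_CONFIG = """\
set system services rest http
set system services rest enable-explorer
set firewall family inet filter scan-ad term internal-1 from source-address 157.249.32.21/32
set firewall family inet filter scan-ad term internal-1 from destination-address 157.249.197.64/30
set firewall family inet filter scan-ad term internal-1 from protocol udp
set firewall family inet filter scan-ad term internal-1 from destination-port 123
set firewall family inet filter scan-ad term internal-1 then count scan-ad-internal-1
set firewall family inet filter scan-ad term internal-1 then accept
set firewall family inet filter scan-ad term ntp-allow from protocol udp
set firewall family inet filter scan-ad term ntp-allow then accept
set firewall filter legacy-edge term internal-2 then discard
set firewall filter legacy-edge term internal then accept
"""

# 'family' is optional in set syntax; a filter without it is family inet.
TERM_LINE = re.compile(r"^set firewall (?:family (\S+) )?filter (\S+) term (\S+)")
INTERNAL_TERM = re.compile(r"^internal-\d+$")
# 'rest https' is assumed here to be the TLS form of the same enable knob.
REST_ENABLE = re.compile(r"^set system services rest (?:http|https)\b")
REST_LIMIT = re.compile(r"^set system services rest control connection-limit (\d+)$")


def parse_set_lines(text: str) -> List[str]:
    """Keep only 'set ...' lines, stripped of surrounding whitespace."""
    return [ln.strip() for ln in text.splitlines() if ln.strip().startswith("set ")]


def find_internal_terms(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (family, filter, term) for every term whose name is internal-<n>."""
    found = set()
    for ln in lines:
        m = TERM_LINE.match(ln)
        if m and INTERNAL_TERM.match(m.group(3)):
            found.add((m.group(1) or "inet", m.group(2), m.group(3)))
    return sorted(found)


def audit_rest_api(lines: List[str], max_limit: int = 100) -> Dict[str, object]:
    """Flag REST enabled with no connection-limit, or one above max_limit.
    The default ceiling of 100 is the value used in the advisory's workaround."""
    enabled = any(REST_ENABLE.match(ln) for ln in lines)
    limit = None
    for ln in lines:
        m = REST_LIMIT.match(ln)
        if m:
            limit = int(m.group(1))
    finding = enabled and (limit is None or limit > max_limit)
    return {"enabled": enabled, "connection_limit": limit, "finding": finding}


def audit(text: str, max_limit: int = 100) -> Dict[str, object]:
    """Run both checks over a display-set dump and return the findings."""
    lines = parse_set_lines(text)
    return {
        "internal_terms": find_internal_terms(lines),
        "rest": audit_rest_api(lines, max_limit),
    }


if __name__ == "__main__":
    result = audit(SAMPLE_CONFIG)
    for fam, flt, term in result["internal_terms"]:
        print(f"CVE-2019-0036: family {fam} filter {flt} term {term} would be ignored")
    if result["rest"]["finding"]:
        print("CVE-2019-0039: REST API enabled without an adequate connection-limit")
```

The term check deliberately matches only the exact `internal-<digits>` form the advisory names, so a term called plain `internal` is not reported; the REST check treats a missing `connection-limit` as a finding because the advisory's point is that the default limit is high.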
Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  o 2019-04-10: Initial Publication

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team

CVSS Score:
5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Risk Level:
Medium

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: Specially crafted packets sent to port 111
on any interface triggers responses from the management interface
(CVE-2019-0040)

Article ID:       JSA10929

Product Affected:
This issue affects Junos OS 15.1, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4.

Problem:
On Junos OS, rpcbind should only be listening to port 111 on the internal
routing instance (IRI). External packets destined to port 111 should be dropped.
Due to an information leak vulnerability, responses were being generated from
the source address of the management interface (e.g. fxp0) thus disclosing
internal addressing and existence of the management interface itself. A high
rate of crafted packets destined to port 111 may also lead to a partial Denial
of Service (DoS).

Note: Systems with fxp0 disabled or unconfigured are not vulnerable to this
issue.

This issue only affects Junos OS releases based on FreeBSD 10 or higher
(typically Junos OS 15.1+).
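The note above gives three scoping conditions for this issue: a kernel based on FreeBSD 10 or later, a configured fxp0 management interface, and (from the workaround the advisory lists further on) rpcbind not disabled. The script below applies them to the `show version | match kernel` line, in the bracketed `fbsd-builder_stable_<n>` form the advisory shows, and to a `display set` configuration dump. It is an added example, not Juniper's or AusCERT's code; the pre-FreeBSD-10 kernel line, the sample fxp0 configuration and the `set interfaces fxp0 disable` knob are assumptions for the example. A kernel line without the tag is reported as unknown rather than as safe.

```python
"""Scope check for the rpcbind / port 111 advisory (CVE-2019-0040).
Added example, not Juniper's code.  It applies the conditions the advisory
states: a kernel based on FreeBSD 10 or later, a configured (and not
disabled) fxp0 management interface, and rpcbind not disabled via the
advisory's 'set system processes rpcbind-service disable' workaround.
Inputs are the 'show version | match kernel' line and a 'display set' dump.
"""
import re
from typing import Dict, List, Optional

# Tag format as shown in the advisory; older builds carry no such tag.
KERNEL_TAG = re.compile(r"fbsd-builder_stable_(\d+)")

# Kernel line copied from the advisory, and a constructed pre-FreeBSD-10 line.
KERNEL_FBSD10 = "JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10]"
KERNEL_LEGACY = "JUNOS Kernel Software Suite [12.3R12.4]"  # constructed

# Constructed configuration with fxp0 addressed from documentation space.
SAMPLE_CONFIG = "set interfaces fxp0 unit 0 family inet address 192.0.2.10/24\n"


def freebsd_major(kernel_line: str) -> Optional[int]:
    """FreeBSD major version from the bracketed kernel tag, or None if absent."""
    m = KERNEL_TAG.search(kernel_line)
    return int(m.group(1)) if m else None


def scope_cve_2019_0040(kernel_line: str, set_config: str) -> Dict[str, object]:
    """Return 'in-scope', 'out-of-scope' or 'unknown' with the reasons.
    An unrecognised kernel line is reported as unknown rather than safe."""
    lines = [ln.strip() for ln in set_config.splitlines()]
    major = freebsd_major(kernel_line)
    fxp0_configured = any(ln.startswith("set interfaces fxp0 ") for ln in lines)
    fxp0_disabled = "set interfaces fxp0 disable" in lines  # assumed knob
    rpcbind_disabled = "set system processes rpcbind-service disable" in lines

    reasons: List[str] = []
    if major is not None and major < 10:
        reasons.append(f"kernel based on FreeBSD {major}, below 10")
    if not fxp0_configured:
        reasons.append("fxp0 is not configured")
    elif fxp0_disabled:
        reasons.append("fxp0 is disabled")
    if rpcbind_disabled:
        reasons.append("rpcbind-service is disabled (workaround applied)")

    if reasons:
        status = "out-of-scope"
    elif major is None:
        status = "unknown"
        reasons.append("kernel line carries no fbsd-builder tag; check the FreeBSD base manually")
    else:
        status = "in-scope"
    return {"status": status, "freebsd_major": major, "reasons": reasons}


if __name__ == "__main__":
    print(scope_cve_2019_0040(KERNEL_FBSD10, SAMPLE_CONFIG))
    print(scope_cve_2019_0040(KERNEL_LEGACY, SAMPLE_CONFIG))
```

An in-scope result still has to be read against the affected-release list in the advisory; the script only settles the preconditions the note states, not whether the running release is one of the fixed ones.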
Administrators can confirm whether systems are running a version of Junos OS
based on FreeBSD 10 or higher by typing:

  user@junos> show version | match kernel
  JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10]

Affected releases are Juniper Networks Junos OS:

  o 15.1 versions prior to 15.1F6-S12, 15.1R7-S4;
  o 15.1X53 versions prior to 15.1X53-D236;
  o 16.1 versions prior to 16.1R7-S1;
  o 16.2 versions prior to 16.2R2-S9;
  o 17.1 versions prior to 17.1R3;
  o 17.2 versions prior to 17.2R1-S8;
  o 17.3 versions prior to 17.3R2;
  o 17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2.

This issue does not affect Junos OS releases prior to 15.1.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2019-0040.

Solution:
The following software releases have been updated to resolve this specific
issue: Junos OS 15.1F6-S12, 15.1R7-S4, 15.1X53-D236, 16.1R7-S1, 16.2R2-S9,
17.1R3, 17.2R1-S8, 17.2R3, 17.3R2, 17.4R1-S1, 17.4R1-S7, 17.4R2, 18.1R1,
18.1X75-D10, and all subsequent releases.

This issue is being tracked as PR 1296262 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
Use access lists or firewall filters to limit access to port 111 on the device.

Disable the management interface (fxp0) if it is not needed in a production
environment.

If neither MS MICs nor MS MPCs are deployed, an additional option is to disable
rpcbind via the configuration command:

  set system processes rpcbind-service disable

Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  2019-04-10: Initial Publication

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed?
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team

CVSS Score:
6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

Risk Level:
Medium

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

===============================================================================

2019-04 Security Bulletin: Junos OS: SRX5000 series: Kernel crash (vmcore) upon
receipt of a specific packet on fxp0 interface (CVE-2019-0044)

Article ID:       JSA10936
Last Updated:     10 Apr 2019
Version:          2.0

Product Affected:
This issue affects Junos OS 12.1X46, 12.3X48, 15.1X49. Affected platforms:
SRX5000 series.

Problem:
Receipt of a specific packet on the out-of-band management interface fxp0 may
cause the system to crash and restart (vmcore). By continuously sending a
specially crafted packet to the fxp0 interface, an attacker can repetitively
crash the system (vmcore) causing prolonged Denial of Service (DoS).

Affected releases are Juniper Networks SRX5000 Series:

  o 12.1X46 versions prior to 12.1X46-D82;
  o 12.3X48 versions prior to 12.3X48-D80;
  o 15.1X49 versions prior to 15.1X49-D160.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2019-0044.

Solution:
The following software releases have been updated to resolve this specific
issue: 12.1X46-D82, 12.3X48-D80, 15.1X49-D160 and all subsequent releases.

This issue is being tracked as PR 1362221 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:
There are no known workarounds for this issue.
Implementation:
Software Releases, patches and updates are available at
https://www.juniper.net/support/downloads/.

Modification History:
  o 2019-04-10: Initial Publication.
  o 2019-04-10: Minor description edit.

Related Links:
  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process.
  o KB16765: In which releases are vulnerabilities fixed
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team
  o CVE-2019-0044 at cve.mitre.org
  o https://kb.juniper.net/JSA10936

CVSS Score:
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Risk Level:
High

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common
Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is maintained
within your organisation, so if you do not wish to continue receiving these
bulletins you should contact your local IT manager. If you do not know who that
is, please send an email to auscert@auscert.org.au and we will forward your
request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may not be
updated when updates to the original are made. If downloading at a later date,
it is recommended that the bulletin is retrieved directly from the author's
website to ensure that the information is still current.

Contact information for the authors of the original document is included in the
Security Bulletin above. If you have any questions or need further information,
please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXLAiNGaOgq3Tt24GAQiQERAAtKkbHhPpfRVXuqywCRXGA4tfql8i2vl0
nv0LakNq6OVSnK+hygcvjNn/Zm5M1I1cpawzdypVoxqAzMypNYH2T0tZzm5b+WUN
B+WVjg0H1Tb0PNvl0orwwv77NYVxKVxkeHecJE70F12ri51f57plCCPtwgaD7LsO
5G2gHATqHDMcoftW7Ag2HNiJUVpiOCfhRDl5Ej9Hq2bH9Te/R5Xtegy0LNSZkg0s
Kpus5HMijEWDWdxqA/ZLwroGXx9RVDUcWS22cUAcQMTO7fBbuDwBXqY2e6kZTZfS
m1lmZCLB8TvTfObyGYgKG83ErQQN42LqU957+VcpIoXdnHEKOOtjA2f7ZEx8yN0B
EOyEaiTfSrEzCFx5wn5c+38gChYGwmejnBQY6IgTtW38x+92YHOjR058gJdUDss2
bzE5VWn5B/JzhqboC5ORS0VACtdrjTvFLv7SKJWgfq2kY06fduWLepGvjTfy6szA
yw3ZzGw0UYxjM80ktKM5T01vE5NqgceQYSVx1062mx+Ei182GkbzCl1yhr5SGvhe
ZN1RgRMuod1JtZ3WLqepAO6vaWF8oE6JV4C4+y/0edeqn7LiwphPEL9OYr+iisyt
fk3aJmZfMZfi2wJcp0x5wlzDMtiBk7mX15Rux4DS6MhkJlMTjRpa+jE6UE03exOJ
riV6kC9np/g=
=FHnI
-----END PGP SIGNATURE-----