What is the severity of CVE-2018-0030?

CVE-2018-0030 is classified as a high-severity vulnerability due to its potential to cause a Denial of Service.

How do I fix CVE-2018-0030?

To remediate CVE-2018-0030, upgrade to a software version that has patched the vulnerability, as specified in the vendor advisories.

What systems are affected by CVE-2018-0030?

CVE-2018-0030 affects specific Juniper line cards and devices, including MPC7/8/9 and PTX1K models running certain versions of Junos.

What type of attack is associated with CVE-2018-0030?

The vulnerability can be exploited through a Denial of Service attack by sending specially crafted MPLS packets.

What versions of Junos are vulnerable to CVE-2018-0030?

Versions of Junos such as 15.1, 16.1, 16.2, 17.1, and 17.2 are among those affected by CVE-2018-0030.

Vulnerability/
CVE-2018-0030

high

7.5

CWE

400

11/7/2018

5/8/2024

CVE-2018-0030: Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.

First published: Wed Jul 11 2018(Updated: )

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper Junos	=15.1-f
Juniper Junos	=15.1-f2
Juniper Junos	=15.1-f3
Juniper Junos	=15.1-f4
Juniper Junos	=15.1-f5
Juniper Junos	=15.1-f6
Juniper Junos	=15.1
Juniper Junos	=15.1-r1
Juniper Junos	=15.1-r2
Juniper Junos	=15.1-r6-s6
Juniper Junos	=15.1-r7
Juniper Junos	=16.1
Juniper Junos	=16.1-r1
Juniper Junos	=16.1-r2
Juniper Junos	=16.1-r3
Juniper Junos	=16.1-r4-s9
Juniper Junos	=16.1-r5-s4
Juniper Junos	=16.1-r6-s3
Juniper Junos	=16.1-r7
Juniper Junos	=16.1x65
Juniper Junos	=16.1x65-d30
Juniper Junos	=16.1x65-d35
Juniper Junos	=16.1x65-d40
Juniper Junos	=16.2
Juniper Junos	=16.2-r1
Juniper Junos	=16.2-r2-s5
Juniper Junos	=16.2-r3
Juniper Junos	=17.1
Juniper Junos	=17.1-r1
Juniper Junos	=17.1-r2-s7
Juniper Junos	=17.1-r3
Juniper Junos	=17.2
Juniper Junos	=17.2-r1
Juniper Junos	=17.2-r2-s4
Juniper Junos	=17.2-r3
Juniper Junos	=17.3
Juniper Junos	=17.3-r1
Juniper Junos	=17.3-r2
Juniper Junos	=17.4
Juniper Junos	=17.4-r1
Juniper Junos	=17.4-r2
Juniper Junos	=17.2x75
Juniper Junos	=17.2x75-d90

Remedy

The following software releases have been updated to resolve this specific issue: 12.1X46-D77, 12.3X48-D70, 14.1X53-D47, 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7, 15.1X49-D140, 15.1X53-D471, 15.1X53-D59, 15.1X53-D67, 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7, 16.1X65-D46, 16.2R1-S6, 16.2R2-S5, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R2-S4, 17.2R3, 17.2X75-D70, 17.3R1-S4, 17.3R2, 17.4R1-S2, 17.4R2, 18.1R1, 18.1X75-D10 and all subsequent releases. This fix has been proactively committed into other releases that might not support these specific line card.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0030?
CVE-2018-0030 is classified as a high-severity vulnerability due to its potential to cause a Denial of Service.
How do I fix CVE-2018-0030?
To remediate CVE-2018-0030, upgrade to a software version that has patched the vulnerability, as specified in the vendor advisories.
What systems are affected by CVE-2018-0030?
CVE-2018-0030 affects specific Juniper line cards and devices, including MPC7/8/9 and PTX1K models running certain versions of Junos.
What type of attack is associated with CVE-2018-0030?
The vulnerability can be exploited through a Denial of Service attack by sending specially crafted MPLS packets.
What versions of Junos are vulnerable to CVE-2018-0030?
Versions of Junos such as 15.1, 16.1, 16.2, 17.1, and 17.2 are among those affected by CVE-2018-0030.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/remedy
agent/weakness
agent/severity
agent/references
agent/author
agent/title
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/juniper
canonical/juniper junos
version/juniper junos/15.1-f
version/juniper junos/15.1-f2
version/juniper junos/15.1-f3
version/juniper junos/15.1-f4
version/juniper junos/15.1-f5
version/juniper junos/15.1-f6
version/juniper junos/15.1
version/juniper junos/15.1-r1
version/juniper junos/15.1-r2
version/juniper junos/15.1-r6-s6
version/juniper junos/15.1-r7
version/juniper junos/16.1
version/juniper junos/16.1-r1
version/juniper junos/16.1-r2
version/juniper junos/16.1-r3
version/juniper junos/16.1-r4-s9
version/juniper junos/16.1-r5-s4
version/juniper junos/16.1-r6-s3
version/juniper junos/16.1-r7
version/juniper junos/16.1x65
version/juniper junos/16.1x65-d30
version/juniper junos/16.1x65-d35
version/juniper junos/16.1x65-d40
version/juniper junos/16.2
version/juniper junos/16.2-r1
version/juniper junos/16.2-r2-s5
version/juniper junos/16.2-r3
version/juniper junos/17.1
version/juniper junos/17.1-r1
version/juniper junos/17.1-r2-s7
version/juniper junos/17.1-r3
version/juniper junos/17.2
version/juniper junos/17.2-r1
version/juniper junos/17.2-r2-s4
version/juniper junos/17.2-r3
version/juniper junos/17.3
version/juniper junos/17.3-r1
version/juniper junos/17.3-r2
version/juniper junos/17.4
version/juniper junos/17.4-r1
version/juniper junos/17.4-r2
version/juniper junos/17.2x75
version/juniper junos/17.2x75-d90

CVE-2018-0030: Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0030?

How do I fix CVE-2018-0030?

What systems are affected by CVE-2018-0030?

What type of attack is associated with CVE-2018-0030?

What versions of Junos are vulnerable to CVE-2018-0030?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2018-0030?

How do I fix CVE-2018-0030?

What systems are affected by CVE-2018-0030?

What type of attack is associated with CVE-2018-0030?

What versions of Junos are vulnerable to CVE-2018-0030?