CVE-2019-0005
First published: Tue Jan 15 2019(Updated: )
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Junos OS Evolved | =14.1x53 | |
| Junos OS Evolved | =14.1x53-d10 | |
| Junos OS Evolved | =14.1x53-d15 | |
| Junos OS Evolved | =14.1x53-d16 | |
| Junos OS Evolved | =14.1x53-d25 | |
| Junos OS Evolved | =14.1x53-d26 | |
| Junos OS Evolved | =14.1x53-d27 | |
| Junos OS Evolved | =14.1x53-d30 | |
| Junos OS Evolved | =14.1x53-d35 | |
| Junos OS Evolved | =14.1x53-d40 | |
| Junos OS Evolved | =14.1x53-d42 | |
| Junos OS Evolved | =14.1x53-d43 | |
| Junos OS Evolved | =14.1x53-d44 | |
| Junos OS Evolved | =14.1x53-d45 | |
| Junos OS Evolved | =14.1x53-d46 | |
| Juniper EX2300-24T | ||
| Juniper EX2300-C | ||
| Juniper EX3400 | ||
| Juniper EX4600 | ||
| Juniper EX4650 | ||
| Juniper Networks QFX-Series | ||
| Juniper QFX3600-I | ||
| Juniper QFX5100 | ||
| Juniper QFX5110 | ||
| Juniper QFX5120 | ||
| Juniper QFX5200-32C | ||
| Juniper QFX5210-64C | ||
| Junos OS Evolved | =15.1 | |
| Junos OS Evolved | =15.1-r1 | |
| Junos OS Evolved | =15.1-r2 | |
| Junos OS Evolved | =15.1-r3 | |
| Junos OS Evolved | =15.1-r4 | |
| Junos OS Evolved | =15.1-r5 | |
| Junos OS Evolved | =15.1-r6 | |
| Junos OS Evolved | =15.1x53 | |
| Junos OS Evolved | =15.1x53-d20 | |
| Junos OS Evolved | =15.1x53-d21 | |
| Junos OS Evolved | =15.1x53-d30 | |
| Junos OS Evolved | =15.1x53-d32 | |
| Junos OS Evolved | =15.1x53-d33 | |
| Junos OS Evolved | =15.1x53-d34 | |
| Junos OS Evolved | =15.1x53-d50 | |
| Junos OS Evolved | =15.1x53-d51 | |
| Junos OS Evolved | =15.1x53-d52 | |
| Junos OS Evolved | =15.1x53-d210 | |
| Junos OS Evolved | =15.1x53-d230 | |
| Junos OS Evolved | =15.1x53-d234 | |
| Junos OS Evolved | =15.1x53-d55 | |
| Junos OS Evolved | =15.1x53-d57 | |
| Junos OS Evolved | =15.1x53-d58 | |
| Junos OS Evolved | =15.1x53-d59 | |
| Junos OS Evolved | =15.1x53-d590 | |
| Junos OS Evolved | =16.1 | |
| Junos OS Evolved | =16.1-r1 | |
| Junos OS Evolved | =16.1-r2 | |
| Junos OS Evolved | =16.1-r3 | |
| Junos OS Evolved | =16.1-r3-s10 | |
| Junos OS Evolved | =16.1-r4 | |
| Junos OS Evolved | =16.1-r5 | |
| Junos OS Evolved | =16.1-r6 | |
| Junos OS Evolved | =16.1-r6-s6 | |
| Junos OS Evolved | =17.1 | |
| Junos OS Evolved | =17.1-r1 | |
| Junos OS Evolved | =17.1-r1-s7 | |
| Junos OS Evolved | =17.1-r2 | |
| Junos OS Evolved | =17.1-r2-s1 | |
| Junos OS Evolved | =17.1-r2-s2 | |
| Junos OS Evolved | =17.1-r2-s3 | |
| Junos OS Evolved | =17.1-r2-s4 | |
| Junos OS Evolved | =17.1-r2-s5 | |
| Junos OS Evolved | =17.1-r2-s6 | |
| Junos OS Evolved | =17.1-r2-s7 | |
| Junos OS Evolved | =17.1-r2-s8 | |
| Junos OS Evolved | =17.1-r2-s9 | |
| Junos OS Evolved | =17.2 | |
| Junos OS Evolved | =17.2-r1 | |
| Junos OS Evolved | =17.2-r1-s7 | |
| Junos OS Evolved | =17.2-r2 | |
| Junos OS Evolved | =17.3 | |
| Junos OS Evolved | =17.3-r1 | |
| Junos OS Evolved | =17.3-r1-s1 | |
| Junos OS Evolved | =17.3-r1-s4 | |
| Junos OS Evolved | =17.3-r2 | |
| Junos OS Evolved | =17.3-r2-s1 | |
| Junos OS Evolved | =17.3-r2-s2 | |
| Junos OS Evolved | =17.3-r2-s3 | |
| Junos OS Evolved | =17.3-r2-s4 | |
| Junos OS Evolved | =17.3-r2-s5 | |
| Juniper QFX3600 | ||
| Junos OS Evolved | =17.4 | |
| Junos OS Evolved | =17.4-r1 | |
| Junos OS Evolved | =17.4-r1-s1 | |
| Junos OS Evolved | =17.4-r1-s2 | |
| Junos OS Evolved | =17.4-r1-s3 | |
| Junos OS Evolved | =17.4-r1-s4 | |
| Junos OS Evolved | =17.4-r1-s5 | |
| Junos OS Evolved | =17.4-r1-s6 | |
| Junos OS Evolved | =17.4-r1-s7 | |
| Junos OS Evolved | =18.1 | |
| Junos OS Evolved | =18.1-r | |
| Junos OS Evolved | =18.1-r1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-0005?
CVE-2019-0005 is classified as a medium severity vulnerability due to its potential impact on network security.
How do I fix CVE-2019-0005?
To fix CVE-2019-0005, upgrade to a version of Junos that addresses this vulnerability, as specified in Juniper's advisories.
Which devices are affected by CVE-2019-0005?
CVE-2019-0005 affects EX2300, EX3400, EX4600, QFX3K, and QFX5K series devices running impacted versions of Junos.
What is the nature of CVE-2019-0005?
CVE-2019-0005 allows firewall filter configurations to fail to block certain IPv6 packets due to issues with extension header matching.
Is IPv4 packet filtering impacted by CVE-2019-0005?
No, IPv4 packet filtering is unaffected by CVE-2019-0005.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/14.1x53
- version/junos os evolved/14.1x53-d10
- version/junos os evolved/14.1x53-d15
- version/junos os evolved/14.1x53-d16
- version/junos os evolved/14.1x53-d25
- version/junos os evolved/14.1x53-d26
- version/junos os evolved/14.1x53-d27
- version/junos os evolved/14.1x53-d30
- version/junos os evolved/14.1x53-d35
- version/junos os evolved/14.1x53-d40
- version/junos os evolved/14.1x53-d42
- version/junos os evolved/14.1x53-d43
- version/junos os evolved/14.1x53-d44
- version/junos os evolved/14.1x53-d45
- version/junos os evolved/14.1x53-d46
- canonical/juniper ex2300-24t
- canonical/juniper ex2300-c
- canonical/juniper ex3400
- canonical/juniper ex4600
- canonical/juniper ex4650
- canonical/juniper networks qfx-series
- canonical/juniper qfx3600-i
- canonical/juniper qfx5100
- canonical/juniper qfx5110
- canonical/juniper qfx5120
- canonical/juniper qfx5200-32c
- canonical/juniper qfx5210-64c
- version/junos os evolved/15.1
- version/junos os evolved/15.1-r1
- version/junos os evolved/15.1-r2
- version/junos os evolved/15.1-r3
- version/junos os evolved/15.1-r4
- version/junos os evolved/15.1-r5
- version/junos os evolved/15.1-r6
- version/junos os evolved/15.1x53
- version/junos os evolved/15.1x53-d20
- version/junos os evolved/15.1x53-d21
- version/junos os evolved/15.1x53-d30
- version/junos os evolved/15.1x53-d32
- version/junos os evolved/15.1x53-d33
- version/junos os evolved/15.1x53-d34
- version/junos os evolved/15.1x53-d50
- version/junos os evolved/15.1x53-d51
- version/junos os evolved/15.1x53-d52
- version/junos os evolved/15.1x53-d210
- version/junos os evolved/15.1x53-d230
- version/junos os evolved/15.1x53-d234
- version/junos os evolved/15.1x53-d55
- version/junos os evolved/15.1x53-d57
- version/junos os evolved/15.1x53-d58
- version/junos os evolved/15.1x53-d59
- version/junos os evolved/15.1x53-d590
- version/junos os evolved/16.1
- version/junos os evolved/16.1-r1
- version/junos os evolved/16.1-r2
- version/junos os evolved/16.1-r3
- version/junos os evolved/16.1-r3-s10
- version/junos os evolved/16.1-r4
- version/junos os evolved/16.1-r5
- version/junos os evolved/16.1-r6
- version/junos os evolved/16.1-r6-s6
- version/junos os evolved/17.1
- version/junos os evolved/17.1-r1
- version/junos os evolved/17.1-r1-s7
- version/junos os evolved/17.1-r2
- version/junos os evolved/17.1-r2-s1
- version/junos os evolved/17.1-r2-s2
- version/junos os evolved/17.1-r2-s3
- version/junos os evolved/17.1-r2-s4
- version/junos os evolved/17.1-r2-s5
- version/junos os evolved/17.1-r2-s6
- version/junos os evolved/17.1-r2-s7
- version/junos os evolved/17.1-r2-s8
- version/junos os evolved/17.1-r2-s9
- version/junos os evolved/17.2
- version/junos os evolved/17.2-r1
- version/junos os evolved/17.2-r1-s7
- version/junos os evolved/17.2-r2
- version/junos os evolved/17.3
- version/junos os evolved/17.3-r1
- version/junos os evolved/17.3-r1-s1
- version/junos os evolved/17.3-r1-s4
- version/junos os evolved/17.3-r2
- version/junos os evolved/17.3-r2-s1
- version/junos os evolved/17.3-r2-s2
- version/junos os evolved/17.3-r2-s3
- version/junos os evolved/17.3-r2-s4
- version/junos os evolved/17.3-r2-s5
- canonical/juniper qfx3600
- version/junos os evolved/17.4
- version/junos os evolved/17.4-r1
- version/junos os evolved/17.4-r1-s1
- version/junos os evolved/17.4-r1-s2
- version/junos os evolved/17.4-r1-s3
- version/junos os evolved/17.4-r1-s4
- version/junos os evolved/17.4-r1-s5
- version/junos os evolved/17.4-r1-s6
- version/junos os evolved/17.4-r1-s7
- version/junos os evolved/18.1
- version/junos os evolved/18.1-r
- version/junos os evolved/18.1-r1