CVE-2019-0028 : Security Advisory and Response

Devices running Junos OS with specific BGP configurations can be vulnerable to a denial of service attack due to the crashing and restarting of the local routing protocol daemon (RPD) process.

Understanding CVE-2019-0028

This CVE involves a vulnerability in Junos OS that can be exploited to cause a denial of service by crashing the RPD process.

What is CVE-2019-0028?

Junos OS devices with BGP graceful restart configurations can experience issues leading to RPD process crashes, potentially resulting in a denial of service situation.

The Impact of CVE-2019-0028

CVSS Base Score: 7.5 (High)
Attack Vector: Network
Availability Impact: High
Attack Complexity: Low
Privileges Required: None
Scope: Unchanged
Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Technical Details of CVE-2019-0028

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The vulnerability allows attackers to repeatedly crash the RPD process on Junos OS devices with specific BGP configurations, leading to a prolonged denial of service.

Affected Systems and Versions

Junos OS versions prior to 16.1R1 are unaffected.
Affected versions include 16.1, 16.1X65, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, and 18.1.

Exploitation Mechanism

An attacker can exploit this vulnerability by causing the RPD process to crash through specific BGP session restarts.

Mitigation and Prevention

Protect your systems from CVE-2019-0028 with the following steps:

Immediate Steps to Take

Disable the BGP graceful restart mechanism.
Limit BGP sessions to trusted peers.

Long-Term Security Practices

Regularly update Junos OS to the patched versions.
Implement network security best practices.

Patching and Updates

Update to the following software releases: 16.1R7, 16.1X65-D48, 16.2R2-S8, 17.1R2-S7, 17.1R3, 17.2R1-S7, 17.2R3, 17.2X75-D102, 17.2X75-D110, 17.2X75-D92, 17.3R2-S2, 17.3R3, 17.4R1-S4, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D5, and subsequent releases.