What is CVE-2019-0060?

CVE-2019-0060 is a high-severity vulnerability in Juniper Csrx, classified under Improper Handling of Exceptional Conditions. CVSS score: 7.5/10. Published 2019-10-09.

How severe is CVE-2019-0060?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Juniper Csrx

CVE-2019-0060

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extend…

EPSS: 0.013 (67.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Csrx
Juniper Junos — versions 15.1x49, 18.2, 18.4
Juniper Srx100
Juniper Srx110
Juniper Srx1400
Juniper Srx1500
Juniper Srx210
Juniper Srx220
Juniper Srx240
Juniper Srx300

Weakness classification (CWE)

CWE-755 — Improper Handling of Exceptional Conditions

References

sirt@juniper.net (x_refsource_MISC, Vendor Advisory)
sirt@juniper.net (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-0060?: CVE-2019-0060 is a high-severity vulnerability in Juniper Csrx, classified under Improper Handling of Exceptional Conditions. CVSS score: 7.5/10. Published 2019-10-09.
How severe is CVE-2019-0060?: High severity. CVSS v3 base score is 7.5 out of 10.