Junos OS: EX2300 and EX3400 series: Certain stateless firewall filter rules might not take effect (JSA10901)

High Nessus Plugin ID 121389

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version number, the remote Juniper Junos device is affected by a vulnerability in which stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect.

Solution

Apply the relevant Junos software release referenced in Juniper advisory JSA10901.

See Also

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10901

Plugin Details

Severity: High

ID: 121389

File Name: juniper_jsa10901.nasl

Version: 1.2

Type: combined

Published: 2019/01/25

Updated: 2019/02/26

Dependencies: 55932

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2019-0002

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/JUNOS/Version, Host/Juniper/model

Patch Publication Date: 2019/01/09

Vulnerability Publication Date: 2019/01/09

Reference Information

CVE: CVE-2019-0002

JSA: JSA10901