CVE-2019-0051
Description
SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-0051,CVE-2019-0052 are fixed in junos 12.3x48-d85 | NCM |
| Vulnerabilities CVE-2019-0051,CVE-2019-0068,CVE-2019-0073 are fixed in junos 15.1x49-d180 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.3R3-S7 | NCM |
| Vulnerabilities CVE-2019-0051,CVE-2020-1607 are fixed in junos 17.4r2-s6 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.1r3-s8 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.2R3 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.3R2 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.4R2 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.1R2 | NCM |
| Improper Handling of Exceptional Conditions Vulnerability (CVE-2019-0051) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234