How severe is CVE-2019-0031?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2019-0031?

This is classified as CWE-400, which is a common weakness in software security.

CVE-2019-0031

HIGH Year: 2019

CVSS v3 Score

7.4

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-400

View all →

Vulnerability Description

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client. Affected releases are Juniper Networks Junos OS: 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.

CVE-2018-0441

HIGH

CVSS:7.4(High)

A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a...

CWE-4002018

CVE-2018-0471

HIGH

CVSS:7.4(High)

A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead ...

CWE-4002018

CVE-2018-3979

HIGH

CVSS:7.4(High)

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can caus...

CWE-4002018

CVE-2019-11060

HIGH

CVSS:7.4(High)

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very s...

CWE-4002019

CVE-2019-15264

HIGH

CVSS:7.4(High)

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjace...

CWE-4002019

CVE-2019-1696

HIGH

CVSS:7.4(High)

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote a...

CWE-4002019

CVE-2019-0031

Vulnerability Description

Related Vulnerabilities

CVE-2018-0441

CVE-2018-0471

CVE-2018-3979

CVE-2019-11060

CVE-2019-15264

CVE-2019-1696