How severe is CVE-2019-0051?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2019-0051?

This is classified as CWE-755, which is a common weakness in software security.

CVE-2019-0051 - HIGH Severity | CVSS 7.5

Vulnerability Description

SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.

Related Vulnerabilities

CVE-2011-4625

HIGH

CVSS:7.5(High)

simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.

CWE-7552011

CVE-2012-1109

HIGH

CVSS:7.5(High)

mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions

CWE-7552012

CVE-2015-2688

HIGH

CVSS:7.5(High)

buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of serv...

CWE-7552015

CVE-2016-11026

HIGH

CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Sa...

CWE-7552016

CVE-2017-13199

HIGH

CVSS:7.5(High)

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system proces...

CWE-7552017

CVE-2017-14178

HIGH

CVSS:7.5(High)

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's acces...

CWE-7552017