CVE Vulnerabilities

CVE-2019-0002

Incomplete Filtering of Multiple Instances of Special Elements

Published: Jan 15, 2019 | Modified: Nov 21, 2024
CVSS 3.x: 9.8 CRITICAL
Source: NVD
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x: 7.5 HIGH
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

On EX2300 and EX3400 series, a stateless firewall filter configuration that uses the action "policer" in combination with other actions might not take effect. When this issue occurs, the output of the command "show pfe filter hw summary" will not show the entry for: RACL group. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affects both IPv4 and IPv6 firewall filters.

Weakness

The product receives data from an upstream component, but does not filter all instances of a special element before sending it to a downstream component.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Junos | Juniper | 15.1x53-d50 (including) | 15.1x53-d50 (including) |
| Junos | Juniper | 15.1x53-d51 (including) | 15.1x53-d51 (including) |
| Junos | Juniper | 15.1x53-d52 (including) | 15.1x53-d52 (including) |
| Junos | Juniper | 15.1x53-d55 (including) | 15.1x53-d55 (including) |
| Junos | Juniper | 15.1x53-d57 (including) | 15.1x53-d57 (including) |
| Junos | Juniper | 15.1x53-d58 (including) | 15.1x53-d58 (including) |
| Junos | Juniper | 15.1x53-d59 (including) | 15.1x53-d59 (including) |
| Junos | Juniper | 18.1 (including) | 18.1 (including) |
| Junos | Juniper | 18.1-r1 (including) | 18.1-r1 (including) |
| Junos | Juniper | 18.1-r2 (including) | 18.1-r2 (including) |
| Junos | Juniper | 18.1-r2-s1 (including) | 18.1-r2-s1 (including) |
| Junos | Juniper | 18.1-r2-s2 (including) | 18.1-r2-s2 (including) |
| Junos | Juniper | 18.1-r2-s4 (including) | 18.1-r2-s4 (including) |
| Junos | Juniper | 18.2 (including) | 18.2 (including) |
| Junos | Juniper | 18.2-r1 (including) | 18.2-r1 (including) |
| Junos | Juniper | 18.2-r1-s3 (including) | 18.2-r1-s3 (including) |
| Junos | Juniper | 18.2-r1-s4 (including) | 18.2-r1-s4 (including) |
| Junos | Juniper | 18.2-r1-s5 (including) | 18.2-r1-s5 (including) |

Extended Description

Incomplete filtering of this nature may be applied to:
