Rewterz Threat Advisory – CVE-2019-1849 – Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability
July 11, 2019Rewterz Threat Alert – Malspam Campaign Dropping Loki Bot Malware
July 11, 2019Rewterz Threat Advisory – CVE-2019-1849 – Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability
July 11, 2019Rewterz Threat Alert – Malspam Campaign Dropping Loki Bot Malware
July 11, 2019Severity
Medium
Analysis Summary
An error when processing fragmented HTTP traffic related to Unified Threat Management (UTM) can be exploited to crash the srxpfe process via a specially crafted HTTP packet.
Impact
Denial of Service
Affected Vendors
Juniper
Affected Products
Juniper Junos OS 12.x
Juniper Junos OS 15.1
Remediation
Update to version 12.3X48-D85, 15.1X49-D181, or 15.1X49-D190.