vulnerability

Juniper Junos OS: 2018-07 Security Bulletin: Junos OS: Stateless IP firewall filter rules stop working as expected after reboot or upgrade (JSA10859) (CVE-2018-0026)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jul 11, 2018	Jul 12, 2018	Nov 27, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jul 11, 2018

Added

Jul 12, 2018

Modified

Nov 27, 2024

Description

After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0> show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does not show the applied firewall filter. The correct output should show the applied firewall filter, for example: user@re0> show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Input Filters: FIREWAL_FILTER_NAME- This issue affects firewall filters for every address family. Affected releases are Juniper Networks Junos OS: 15.1R4, 15.1R5, 15.1R6 and SRs based on these MRs. 15.1X8 versions prior to 15.1X8.3.

Solution

juniper-junos-os-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today