CVE-2020-1604 — Improper Access Control in Networks Junos OS

CWE-284 — Improper Access Control4 documents4 sources

Severity

5.3MEDIUMNVD

CNA6.5

EPSS

0.2%

top 62.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJan 15

Latest updateMay 24

Description

On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewall filter evaluation of certain packets destined to the device Routing Engine (RE). This issue does not affect the Layer 2 firewall filter evaluation nor does it affect the Layer 3 firewall filter evaluation destined to connected hosts. This issue may occur when evaluating both IPv4 or IPv6 packets. …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os14.1X53 — 14.1X53-D12+10

▶NVDjuniper/junos9 versions+8

🔴Vulnerability Details

GHSA

GHSA-p4x7-xx93-8jx9: On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certai↗2022-05-24

▶

CVEList

Junos OS: EX4300/EX4600/QFX3500/QFX5100 Series: Stateless IP firewall filter may fail to evaluate certain packets↗2020-01-15

▶

📋Vendor Advisories

Juniper

CVE-2020-1604: On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certai↗2020-01-15

▶