CVE-2020-1613Improper Adherence to Coding Standards in Networks Junos OS

CWE-710Improper Adherence to Coding Standards4 documents4 sources
Severity
7.5HIGHNVD
CNA8.6
EPSS
0.5%
top 36.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 8
Latest updateMay 24

Description

A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that originally sent the specific BGP FlowSpec advertisement. This specific BGP FlowSpec advertisement received from a BGP peer might get propagated from a Junos OS device running the fixed release to anothe

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os15.115.1R7-S5+16
NVDjuniper/junos22 versions+21

🔴Vulnerability Details

2
GHSA
GHSA-9g7g-37p3-qm2q: A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving2022-05-24
CVEList
Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.2020-04-08

📋Vendor Advisories

1
Juniper
CVE-2020-1613: A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving2020-04-08
CVE-2020-1613 — Improper Adherence to Coding Standards | cvebase