CVE-2020-1628Sensitive Information Exposure in Networks Junos OS

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.4%
top 40.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 8
Latest updateMay 24

Description

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an EX4300 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D53 on EX4300; 15.1 versions prior to 15.1R7-S6 on EX4300; 15.1X49 versions p

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5juniper_networks/junos_os14.1X5314.1X53-D53+14
NVDjuniper/junos15 versions+14

🔴Vulnerability Details

2
GHSA
GHSA-63wf-3ch2-x4r5: Juniper Networks Junos OS uses the 1282022-05-24
CVEList
Junos OS: EX4300: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces2020-04-08

📋Vendor Advisories

1
Juniper
CVE-2020-1628: Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing th2020-04-08
CVE-2020-1628 — Sensitive Information Exposure | cvebase