CVE-2020-1643: Improper Handling of Exceptional Conditions in Networks Junos OS

Severity
5.5 MEDIUM (NVD)
EPSS
0.1%
top 65.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jul 17
Latest update: May 24

Description

Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). By continuously executing the same CLI commands, a local attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Note: Only systems utilizing ARM processors, found on the EX2300

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages: 2 packages

CVEListV5 | juniper_networks/junos_os | 12.3X48 | 12.3X48-D100 | +13
NVD | juniper/junos | 14 versions | +13

🔴Vulnerability Details

2
GHSA
GHSA-9fv5-j7w3-ph59: Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause (2022-05-24)
CVEList
Junos OS: EX Series: RPD crash when executing specific "show ospf interface" commands from the CLI with OSPF authentication configured (2020-07-17)

📋Vendor Advisories

1
Juniper
CVE-2020-1643: Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause (2020-07-17)