CVE-2020-1661 — Networks Junos OS vulnerability

4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.3%

top 49.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedOct 16

Latest updateMay 24

Description

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscriber session. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of the malformed DHCP packet will repea…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os12.3 — 12.3R12-S16+6

▶NVDjuniper/junos7 versions+6

🔴Vulnerability Details

GHSA

GHSA-6jc4-v9x6-xhg3: On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process m↗2022-05-24

▶

CVEList

Junos OS: jdhcpd process crash when forwarding a malformed DHCP packet.↗2020-10-16

▶

📋Vendor Advisories

Juniper

CVE-2020-1661: On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process m↗2020-10-16

▶