CVE-2020-1665Incomplete Filtering of Multiple Instances of Special Elements in Networks Junos OS

CWE-794Incomplete Filtering of Multiple Instances of Special Elements4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 53.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedOct 16
Latest updateMay 24

Description

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentrator (FPC) during the DDoS attack. When this issue occurs, the RE and/or the FPC can become overwhelmed, which could disrupt network protocol oper

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.217.2R3-S4+6
NVDjuniper/junos7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-hfqp-x2fv-rm5m: On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect2022-05-24
CVEList
Junos OS: MX series/EX9200 Series: IPv6 DDoS protection does not work as expected.2020-10-16

📋Vendor Advisories

1
Juniper
CVE-2020-1665: On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect2020-10-16
CVE-2020-1665 — Juniper Networks Junos OS vulnerability | cvebase