CVE-2020-1680Incorrect Calculation of Buffer Size in Networks Junos OS

CWE-131Incorrect Calculation of Buffer Size4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 46.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedOct 16
Latest updateMay 24

Description

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated attacker can continuously send crafted IPv6 packets through the device causing repetitive MS-PIC process crashes, resulting in an extended Denial of Service condition. This issue affects Juniper Netwo

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5juniper_networks/junos_os15.115.1R7-S7+13
NVDjuniper/junos14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-983j-96v4-gm2c: On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC2022-05-24
CVEList
Junos OS: MX Series: MS-MPC/MIC might crash when processing malformed IPv6 packet in NAT64 configuration.2020-10-16

📋Vendor Advisories

1
Juniper
CVE-2020-1680: On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC2020-10-16
CVE-2020-1680 — Incorrect Calculation of Buffer Size | cvebase