CVE-2020-1684: Uncontrolled Resource Consumption in Juniper Networks Junos OS

Severity: 7.5 HIGH (NVD)
EPSS: 0.4% (top 39.98%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 16; latest update May 24

Description

On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when Intrusion Detection and Prevention (IDP), AppFW, AppQoS, or AppTrack is configured. Thus, this issue might occur when IDP, AppFW, AppQoS, or AppTrack is configured. This issue affects Juniper Networks Junos OS

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5: juniper_networks/junos_os 12.3X48, 12.3X48-D105, +10
NVD: juniper/junos, 11 versions, +10

Vulnerability Details (2)

GHSA (2022-05-24): GHSA-c8w4-v97g-jwcx: On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load
CVEList (2020-10-16): Junos OS: SRX Series: High CPU load due to processing for HTTP traffic when Application Identification is enabled.

Vendor Advisories (1)

Juniper (2020-10-16): CVE-2020-1684: On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load