Juniper Junos vulnerabilities

CVE-2020-1685 [MEDIUM] CWE-203 CVE-2020-1685: When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices u When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { filter L2-VLAN { term ALLOW { from { user-vlan-id 100;

CVE-2020-1687 [MEDIUM] CWE-400 CVE-2020-1687: On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption. This issue affects devices that are

CVE-2020-1668 [MEDIUM] CWE-400 CVE-2020-1668: On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 i On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device has high CPU load due to this issue, the administrator can issue the follo

CVE-2020-1670 [MEDIUM] CWE-400 CVE-2020-1670: On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing En On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to

CVE-2020-1665 [MEDIUM] CWE-794 CVE-2020-1665: On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentr

CVE-2020-1678 [MEDIUM] CWE-400 CVE-2020-1678: On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specifi On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if

CVE-2020-1669 [MEDIUM] CWE-256 CVE-2020-1669: The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Junip The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password ha

CVE-2020-1654 [CRITICAL] CWE-120 CVE-2020-1654: On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message

CVE-2020-1647 [CRITICAL] CWE-415 CVE-2020-1647: On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may result in an extended Denial of Service (DoS).

CVE-2020-1648 [HIGH] CWE-159 CVE-2020-1648: On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an extended Denial of Service (DoS) condition. This issue affec

CVE-2020-1649 [HIGH] CVE-2020-1649: When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and th When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments requiring reassembly, generating the following error messages: [LOG: Err] MQSS(2): WO: Pac

CVE-2020-1644 [HIGH] CWE-703 CVE-2020-1644: On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE pack On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and EBGP multihop deployment in IPv4 or IPv6 network. This issue affects: Juniper

CVE-2020-1645 [HIGH] CWE-362 CVE-2020-1645: When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is resta

CVE-2020-1650 [HIGH] CVE-2020-1650: On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific pa On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of Service. This issue affects MX Series devices using MS-PIC, MS-MI

CVE-2020-1640 [HIGH] CWE-1173 CVE-2020-1640: An improper use of a validation framework when processing incoming genuine BGP packets within Junipe An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition. This framework requires these packets to be passed. By continuously sending any of these types of formatted genuine pac

CVE-2020-1653 [HIGH] CWE-159 CVE-2020-1653: On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may ca On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore). This issue can be trigged by IPv4 or IPv6 and it is caused only by TCP packets. This issue is not related to any specific configuration and

CVE-2020-1646 [HIGH] CWE-159 CVE-2020-1646: On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue does not occur when the device is receiving and processing the BGP UPDATE for

CVE-2020-1651 [MEDIUM] CWE-19 CVE-2020-1651: On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory lea On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash

CVE-2020-1641 [MEDIUM] CWE-362 CVE-2020-1641: A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker t A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). This issue occurs when crafted LLDP packets are received by the device from an adjacent device. Multiple LACP flaps will occur after LLDP crashes. An indicator of compromise is to evaluate log

CVE-2020-1655 [MEDIUM] CVE-2020-1655: When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and th When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation, generating the following error messages: [LOG: Err] MQSS(0): WO: