Juniper Networks Junos Os vulnerabilities

CVE-2020-1679 [HIGH] CWE-20 CVE-2020-1679: On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observat On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This

CVE-2020-1673 [HIGH] CWE-79 CVE-2020-1673: Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTT Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. This issue only affects Juniper Networks Junos OS devices with HTTP/HTTPS services e

CVE-2020-1686 [HIGH] CWE-415 CVE-2020-1686: On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to cra On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this iss

CVE-2020-1684 [HIGH] CWE-400 CVE-2020-1684: On Juniper Networks SRX Series configured with application identification inspection enabled, receip On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when Intrusion Detection and Prevention (IDP), AppFW, AppQoS, or AppT

CVE-2020-1657 [HIGH] CWE-408 CVE-2020-1657: On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel. Sustained receipt of these spoofed packets can cause a sustained Denial of Servi

CVE-2020-1671 [HIGH] CWE-119 CVE-2020-1671: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juni On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue only affects DHCPv6, it does not affect DHCPv4. This issue

CVE-2020-1661 [MEDIUM] CVE-2020-1661: On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Ho On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscr

CVE-2020-1680 [MEDIUM] CWE-131 CVE-2020-1680: On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receip On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated attacker can continuously send crafted IPv6 packets t

CVE-2020-1689 [MEDIUM] CWE-400 CVE-2020-1689: On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis c On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone configuration. The offending layer 2 frame packets can o

CVE-2020-1682 [MEDIUM] CWE-20 CVE-2020-1682: An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue

CVE-2020-1688 [MEDIUM] CWE-320 CVE-2020-1688: On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell m On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an attacker to decrypt the communications between the Junip

CVE-2020-1685 [MEDIUM] CWE-203 CVE-2020-1685: When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices u When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { filter L2-VLAN { term ALLOW { from { user-vlan-id 100;

CVE-2020-1687 [MEDIUM] CWE-400 CVE-2020-1687: On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption. This issue affects devices that are

CVE-2020-1668 [MEDIUM] CWE-400 CVE-2020-1668: On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 i On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device has high CPU load due to this issue, the administrator can issue the follo

CVE-2020-1670 [MEDIUM] CWE-400 CVE-2020-1670: On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing En On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to

CVE-2020-1665 [MEDIUM] CWE-794 CVE-2020-1665: On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentr

CVE-2020-1678 [MEDIUM] CWE-400 CVE-2020-1678: On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specifi On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if

CVE-2020-1669 [MEDIUM] CWE-256 CVE-2020-1669: The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Junip The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password ha

CVE-2020-1654 [CRITICAL] CWE-120 CVE-2020-1654: On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message

CVE-2020-1647 [CRITICAL] CWE-415 CVE-2020-1647: On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service ena On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may result in an extended Denial of Service (DoS).