CVE-2020-1639

Published: Apr 8, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67.

Affected (124)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

124 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 12.3
Juniper Junos	Version 12.3 r10-s1
Juniper Junos	Version 12.3 r10-s2
Juniper Junos	Version 12.3 r10
Juniper Junos	Version 12.3 r11
Juniper Junos	Version 12.3 r12-s11
Juniper Junos	Version 12.3 r12-s12
Juniper Junos	Version 12.3 r12-s13
Juniper Junos	Version 12.3 r12-s14
Juniper Junos	Version 12.3 r12-s1
Juniper Junos	Version 12.3 r12-s3
Juniper Junos	Version 12.3 r12-s4
Juniper Junos	Version 12.3 r12-s6
Juniper Junos	Version 12.3 r12-s8
Juniper Junos	Version 12.3 r12
Juniper Junos	Version 12.3 r1
Juniper Junos	Version 12.3x48
Juniper Junos	Version 12.3x48 d10
Juniper Junos	Version 12.3x48 d15
Juniper Junos	Version 12.3x48 d20
Juniper Junos	Version 12.3x48 d25
Juniper Junos	Version 12.3x48 d30
Juniper Junos	Version 12.3x48 d35
Juniper Junos	Version 12.3x48 d40
Juniper Junos	Version 12.3x48 d45
Juniper Junos	Version 12.3x48 d50
Juniper Junos	Version 12.3x48 d51
Juniper Junos	Version 12.3x48 d55
Juniper Junos	Version 12.3x48 d60
Juniper Junos	Version 12.3x48 d65
Juniper Junos	Version 12.3x48 d70
Juniper Junos	Version 12.3x48 d75
Juniper Junos	Version 12.3x48 d80
Juniper Junos	Version 14.1x50
Juniper Junos	Version 14.1x50 d60
Juniper Junos	Version 14.1x53
Juniper Junos	Version 14.1x53 d10
Juniper Junos	Version 14.1x53 d15
Juniper Junos	Version 14.1x53 d16
Juniper Junos	Version 14.1x53 d25
Juniper Junos	Version 14.1x53 d26
Juniper Junos	Version 14.1x53 d27
Juniper Junos	Version 14.1x53 d30
Juniper Junos	Version 14.1x53 d35
Juniper Junos	Version 14.1x53 d40
Juniper Junos	Version 14.1x53 d42
Juniper Junos	Version 14.1x53 d43
Juniper Junos	Version 14.1x53 d44
Juniper Junos	Version 14.1x53 d45
Juniper Junos	Version 15.1
Juniper Junos	Version 15.1 a1
Juniper Junos	Version 15.1 f1
Juniper Junos	Version 15.1 f2-s1
Juniper Junos	Version 15.1 f2-s2
Juniper Junos	Version 15.1 f2-s3
Juniper Junos	Version 15.1 f2-s4
Juniper Junos	Version 15.1 f2
Juniper Junos	Version 15.1 f3
Juniper Junos	Version 15.1 f4
Juniper Junos	Version 15.1 f5-s7
Juniper Junos	Version 15.1 f5
Juniper Junos	Version 15.1 f6-s12
Juniper Junos	Version 15.1 f6-s1
Juniper Junos	Version 15.1 f6-s2
Juniper Junos	Version 15.1 f6-s3
Juniper Junos	Version 15.1 f6-s4
Juniper Junos	Version 15.1 f6-s7
Juniper Junos	Version 15.1 f6
Juniper Junos	Version 15.1 f7
Juniper Junos	Version 15.1 f
Juniper Junos	Version 15.1 r1
Juniper Junos	Version 15.1x49
Juniper Junos	Version 15.1x49 d100
Juniper Junos	Version 15.1x49 d10
Juniper Junos	Version 15.1x49 d110
Juniper Junos	Version 15.1x49 d120
Juniper Junos	Version 15.1x49 d130
Juniper Junos	Version 15.1x49 d140
Juniper Junos	Version 15.1x49 d150
Juniper Junos	Version 15.1x49 d15
Juniper Junos	Version 15.1x49 d160
Juniper Junos	Version 15.1x49 d20
Juniper Junos	Version 15.1x49 d25
Juniper Junos	Version 15.1x49 d30
Juniper Junos	Version 15.1x49 d35
Juniper Junos	Version 15.1x49 d40
Juniper Junos	Version 15.1x49 d45
Juniper Junos	Version 15.1x49 d50
Juniper Junos	Version 15.1x49 d55
Juniper Junos	Version 15.1x49 d60
Juniper Junos	Version 15.1x49 d65
Juniper Junos	Version 15.1x49 d70
Juniper Junos	Version 15.1x49 d75
Juniper Junos	Version 15.1x49 d80
Juniper Junos	Version 15.1x49 d90
Juniper Junos	Version 15.1x53
Juniper Junos	Version 15.1x53 d10
Juniper Junos	Version 15.1x53 d20
Juniper Junos	Version 15.1x53 d21
Juniper Junos	Version 15.1x53 d25
Juniper Junos	Version 15.1x53 d30
Juniper Junos	Version 15.1x53 d31
Juniper Junos	Version 15.1x53 d32
Juniper Junos	Version 15.1x53 d33
Juniper Junos	Version 15.1x53 d34
Juniper Junos	Version 15.1x53 d40
Juniper Junos	Version 15.1x53 d45
Juniper Junos	Version 15.1x53 d47
Juniper Junos	Version 15.1x53 d48
Juniper Junos	Version 15.1x53 d50
Juniper Junos	Version 15.1x53 d51
Juniper Junos	Version 15.1x53 d52
Juniper Junos	Version 15.1x53 d55
Juniper Junos	Version 15.1x53 d56
Juniper Junos	Version 15.1x53 d57
Juniper Junos	Version 15.1x53 d58
Juniper Junos	Version 15.1x53 d59
Juniper Junos	Version 15.1x53 d60
Juniper Junos	Version 15.1x53 d61
Juniper Junos	Version 15.1x53 d62
Juniper Junos	Version 15.1x53 d63
Juniper Junos	Version 15.1x53 d64
Juniper Junos	Version 15.1x53 d65
Juniper Junos	Version 15.1x53 d66

Related CWEs

CWE-703

Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

CWE-755

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (2)

https://kb.juniper.net/

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.