CVE-2020-1661

Published: Oct 16, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: sirt@juniper.net (Secondary)

Description

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscriber session. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of the malformed DHCP packet will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. This issue can be triggered only by DHCPv4, it cannot be triggered by DHCPv6. This issue affects Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S16; 12.3X48 versions prior to 12.3X48-D105 on SRX Series; 14.1X53 versions prior to 14.1X53-D60 on EX and QFX Series; 15.1 versions prior to 15.1R7-S7; 15.1X49 versions prior to 15.1X49-D221, 15.1X49-D230 on SRX Series; 15.1X53 versions prior to 15.1X53-D593 on EX2300/EX3400; 16.1 versions prior to 16.1R7-S5.

Affected (204)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

88 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 12.3
Juniper Junos	Version 12.3 r10-s1
Juniper Junos	Version 12.3 r10-s2
Juniper Junos	Version 12.3 r10
Juniper Junos	Version 12.3 r11
Juniper Junos	Version 12.3 r12-s11
Juniper Junos	Version 12.3 r12-s12
Juniper Junos	Version 12.3 r12-s13
Juniper Junos	Version 12.3 r12-s14
Juniper Junos	Version 12.3 r12-s15
Juniper Junos	Version 12.3 r12-s1
Juniper Junos	Version 12.3 r12-s3
Juniper Junos	Version 12.3 r12-s4
Juniper Junos	Version 12.3 r12-s6
Juniper Junos	Version 12.3 r12-s8
Juniper Junos	Version 12.3 r12
Juniper Junos	Version 12.3 r1
Juniper Junos	Version 12.3 r2
Juniper Junos	Version 12.3 r3
Juniper Junos	Version 12.3 r4
Juniper Junos	Version 12.3 r5
Juniper Junos	Version 12.3 r6
Juniper Junos	Version 12.3 r7
Juniper Junos	Version 12.3 r8
Juniper Junos	Version 12.3 r9
Juniper Junos	Version 15.1
Juniper Junos	Version 15.1 a1
Juniper Junos	Version 15.1 f1
Juniper Junos	Version 15.1 f2-s1
Juniper Junos	Version 15.1 f2-s2
Juniper Junos	Version 15.1 f2-s3
Juniper Junos	Version 15.1 f2-s4
Juniper Junos	Version 15.1 f2
Juniper Junos	Version 15.1 f3
Juniper Junos	Version 15.1 f4
Juniper Junos	Version 15.1 f5-s7
Juniper Junos	Version 15.1 f5
Juniper Junos	Version 15.1 f6-s12
Juniper Junos	Version 15.1 f6-s1
Juniper Junos	Version 15.1 f6-s2
Juniper Junos	Version 15.1 f6-s3
Juniper Junos	Version 15.1 f6-s4
Juniper Junos	Version 15.1 f6-s7
Juniper Junos	Version 15.1 f6
Juniper Junos	Version 15.1 f7
Juniper Junos	Version 15.1 f
Juniper Junos	Version 15.1 r1
Juniper Junos	Version 15.1 r2
Juniper Junos	Version 15.1 r3
Juniper Junos	Version 15.1 r4-s7
Juniper Junos	Version 15.1 r4-s8
Juniper Junos	Version 15.1 r4-s9
Juniper Junos	Version 15.1 r4
Juniper Junos	Version 15.1 r5-s1
Juniper Junos	Version 15.1 r5-s5
Juniper Junos	Version 15.1 r5-s6
Juniper Junos	Version 15.1 r5
Juniper Junos	Version 15.1 r6-s1
Juniper Junos	Version 15.1 r6-s2
Juniper Junos	Version 15.1 r6-s6
Juniper Junos	Version 15.1 r6
Juniper Junos	Version 15.1 r7-s1
Juniper Junos	Version 15.1 r7-s2
Juniper Junos	Version 15.1 r7-s3
Juniper Junos	Version 15.1 r7-s4
Juniper Junos	Version 15.1 r7-s5
Juniper Junos	Version 15.1 r7-s6
Juniper Junos	Version 15.1 r7
Juniper Junos	Version 16.1
Juniper Junos	Version 16.1 r1
Juniper Junos	Version 16.1 r2
Juniper Junos	Version 16.1 r3-s10
Juniper Junos	Version 16.1 r3-s11
Juniper Junos	Version 16.1 r3
Juniper Junos	Version 16.1 r4-s12
Juniper Junos	Version 16.1 r4-s2
Juniper Junos	Version 16.1 r4-s3
Juniper Junos	Version 16.1 r4-s4
Juniper Junos	Version 16.1 r4-s6
Juniper Junos	Version 16.1 r4
Juniper Junos	Version 16.1 r5-s4
Juniper Junos	Version 16.1 r5
Juniper Junos	Version 16.1 r6-s1
Juniper Junos	Version 16.1 r6-s6
Juniper Junos	Version 16.1 r7-s2
Juniper Junos	Version 16.1 r7-s3
Juniper Junos	Version 16.1 r7-s4
Juniper Junos	Version 16.1 r7

Configuration B

49 vulnerable · 13 platform

Vulnerable Software	Affected Versions
Juniper Junos	Version 12.3x48
Juniper Junos	Version 12.3x48 d100
Juniper Junos	Version 12.3x48 d10
Juniper Junos	Version 12.3x48 d15
Juniper Junos	Version 12.3x48 d20
Juniper Junos	Version 12.3x48 d25
Juniper Junos	Version 12.3x48 d30
Juniper Junos	Version 12.3x48 d35
Juniper Junos	Version 12.3x48 d40
Juniper Junos	Version 12.3x48 d45
Juniper Junos	Version 12.3x48 d50
Juniper Junos	Version 12.3x48 d51
Juniper Junos	Version 12.3x48 d55
Juniper Junos	Version 12.3x48 d60
Juniper Junos	Version 12.3x48 d65
Juniper Junos	Version 12.3x48 d70
Juniper Junos	Version 12.3x48 d75
Juniper Junos	Version 12.3x48 d80
Juniper Junos	Version 12.3x48 d90
Juniper Junos	Version 12.3x48 d95
Juniper Junos	Version 15.1x49
Juniper Junos	Version 15.1x49 d100
Juniper Junos	Version 15.1x49 d10
Juniper Junos	Version 15.1x49 d110
Juniper Junos	Version 15.1x49 d120
Juniper Junos	Version 15.1x49 d130
Juniper Junos	Version 15.1x49 d140
Juniper Junos	Version 15.1x49 d150
Juniper Junos	Version 15.1x49 d15
Juniper Junos	Version 15.1x49 d160
Juniper Junos	Version 15.1x49 d170
Juniper Junos	Version 15.1x49 d180
Juniper Junos	Version 15.1x49 d190
Juniper Junos	Version 15.1x49 d200
Juniper Junos	Version 15.1x49 d20
Juniper Junos	Version 15.1x49 d210
Juniper Junos	Version 15.1x49 d25
Juniper Junos	Version 15.1x49 d30
Juniper Junos	Version 15.1x49 d35
Juniper Junos	Version 15.1x49 d40
Juniper Junos	Version 15.1x49 d45
Juniper Junos	Version 15.1x49 d50
Juniper Junos	Version 15.1x49 d55
Juniper Junos	Version 15.1x49 d60
Juniper Junos	Version 15.1x49 d65
Juniper Junos	Version 15.1x49 d70
Juniper Junos	Version 15.1x49 d75
Juniper Junos	Version 15.1x49 d80
Juniper Junos	Version 15.1x49 d90

Running on/with	Platform Versions
Juniper Srx1500	All versions
Juniper Srx300	All versions
Juniper Srx320	All versions
Juniper Srx340	All versions
Juniper Srx345	All versions
Juniper Srx380	All versions
Juniper Srx4100	All versions
Juniper Srx4200	All versions
Juniper Srx4600	All versions
Juniper Srx5400	All versions
Juniper Srx550	All versions
Juniper Srx5600	All versions
Juniper Srx5800	All versions

Configuration C

47 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 15.1x53
Juniper Junos	Version 15.1x53 d10
Juniper Junos	Version 15.1x53 d20
Juniper Junos	Version 15.1x53 d210
Juniper Junos	Version 15.1x53 d21
Juniper Junos	Version 15.1x53 d230
Juniper Junos	Version 15.1x53 d231
Juniper Junos	Version 15.1x53 d232
Juniper Junos	Version 15.1x53 d233
Juniper Junos	Version 15.1x53 d234
Juniper Junos	Version 15.1x53 d235
Juniper Junos	Version 15.1x53 d236
Juniper Junos	Version 15.1x53 d237
Juniper Junos	Version 15.1x53 d25
Juniper Junos	Version 15.1x53 d30
Juniper Junos	Version 15.1x53 d31
Juniper Junos	Version 15.1x53 d32
Juniper Junos	Version 15.1x53 d33
Juniper Junos	Version 15.1x53 d34
Juniper Junos	Version 15.1x53 d40
Juniper Junos	Version 15.1x53 d45
Juniper Junos	Version 15.1x53 d470
Juniper Junos	Version 15.1x53 d47
Juniper Junos	Version 15.1x53 d48
Juniper Junos	Version 15.1x53 d495
Juniper Junos	Version 15.1x53 d50
Juniper Junos	Version 15.1x53 d51
Juniper Junos	Version 15.1x53 d52
Juniper Junos	Version 15.1x53 d55
Juniper Junos	Version 15.1x53 d56
Juniper Junos	Version 15.1x53 d57
Juniper Junos	Version 15.1x53 d58
Juniper Junos	Version 15.1x53 d590
Juniper Junos	Version 15.1x53 d591
Juniper Junos	Version 15.1x53 d592
Juniper Junos	Version 15.1x53 d59
Juniper Junos	Version 15.1x53 d60
Juniper Junos	Version 15.1x53 d61
Juniper Junos	Version 15.1x53 d62
Juniper Junos	Version 15.1x53 d63
Juniper Junos	Version 15.1x53 d64
Juniper Junos	Version 15.1x53 d65
Juniper Junos	Version 15.1x53 d66
Juniper Junos	Version 15.1x53 d67
Juniper Junos	Version 15.1x53 d68
Juniper Junos	Version 15.1x53 d69
Juniper Junos	Version 15.1x53 d70

Configuration D

20 vulnerable · 18 platform

Vulnerable Software	Affected Versions
Juniper Junos	Version 14.1x53
Juniper Junos	Version 14.1x53 d10
Juniper Junos	Version 14.1x53 d15
Juniper Junos	Version 14.1x53 d16
Juniper Junos	Version 14.1x53 d25
Juniper Junos	Version 14.1x53 d26
Juniper Junos	Version 14.1x53 d27
Juniper Junos	Version 14.1x53 d30
Juniper Junos	Version 14.1x53 d34
Juniper Junos	Version 14.1x53 d35
Juniper Junos	Version 14.1x53 d40
Juniper Junos	Version 14.1x53 d42
Juniper Junos	Version 14.1x53 d43
Juniper Junos	Version 14.1x53 d44
Juniper Junos	Version 14.1x53 d45
Juniper Junos	Version 14.1x53 d48
Juniper Junos	Version 14.1x53 d50
Juniper Junos	Version 14.1x53 d51
Juniper Junos	Version 14.1x53 d52
Juniper Junos	Version 14.1x53 d53

Running on/with	Platform Versions
Juniper Ex2300	All versions
Juniper Ex2300 C	All versions
Juniper Ex3400	All versions
Juniper Ex4300	All versions
Juniper Ex4600	All versions
Juniper Ex4650	All versions
Juniper Ex9200	All versions
Juniper Ex9250	All versions
Juniper Qfx10002	All versions
Juniper Qfx10008	All versions
Juniper Qfx10016	All versions
Juniper Qfx5100	All versions
Juniper Qfx5110	All versions
Juniper Qfx5120	All versions
Juniper Qfx5130	All versions
Juniper Qfx5200	All versions
Juniper Qfx5210	All versions
Juniper Qfx5220	All versions

References (2)

https://kb.juniper.net/JSA11056

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/JSA11056

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.