CVE-2020-1648
Vulnerability from cvelistv5
Published
2020-07-17 18:40
Modified
2024-09-16 19:40
Severity ?
EPSS score ?
Summary
Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11035 | Vendor Advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Juniper Networks | Junos OS | |
| Juniper Networks | Junos OS Evolved |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:29.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11035"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"changes": [
{
"at": "18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70",
"status": "unaffected"
}
],
"lessThan": "18.2X75*",
"status": "affected",
"version": "18.2X75-D50.8 18.2X75-D60",
"versionType": "custom"
},
{
"changes": [
{
"at": "19.4R1",
"status": "affected"
},
{
"at": "19.4R1-S2, 19.4R2",
"status": "unaffected"
}
],
"lessThan": "19.4R1",
"status": "unaffected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R1-S2, 20.1R2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"changes": [
{
"at": "19.4R2-S2-EVO",
"status": "unaffected"
}
],
"lessThan": "19.4R1-EVO",
"status": "unaffected",
"version": "19.4-EVO",
"versionType": "custom"
},
{
"lessThan": "20.1R2-EVO",
"status": "affected",
"version": "20.1-EVO",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 18.2X75 versions starting from 18.2X75-D50.8, 18.2X75-D60 and later versions, prior to 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70; 19.4 versions 19.4R1 and 19.4R1-S1; 20.1 versions prior to 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: 19.4-EVO versions prior to 19.4R2-S2-EVO; 20.1-EVO versions prior to 20.1R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-159",
"description": "CWE-159 Failure to Sanitize Special Element",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T18:40:42",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11035"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70, 19.4R1-S2, 19.4R2, 20.1R1-S2, 20.1R2, 20.2R1, and all subsequent releases.\n\nJunos OS Evolved: 19.4R2-S2-EVO, 20.1R2-EVO, 20.2R1-EVO and all subsequent releases."
}
],
"source": {
"advisory": "JSA11035",
"defect": [
"1502327"
],
"discovery": "USER"
},
"title": "Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2020-07-08T07:00:00.000Z",
"ID": "CVE-2020-1648",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "18.2X75",
"version_value": "18.2X75-D50.8 18.2X75-D60"
},
{
"version_affected": "\u003c",
"version_name": "18.2X75",
"version_value": "18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70"
},
{
"version_affected": "!\u003c",
"version_name": "19.4",
"version_value": "19.4R1"
},
{
"version_affected": "\u003e=",
"version_name": "19.4",
"version_value": "19.4R1"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S2, 19.4R2"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R1-S2, 20.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "!\u003c",
"version_name": "19.4-EVO",
"version_value": "19.4R1-EVO"
},
{
"version_affected": "\u003c",
"version_name": "19.4-EVO",
"version_value": "19.4R2-S2-EVO"
},
{
"version_affected": "\u003c",
"version_name": "20.1-EVO",
"version_value": "20.1R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 18.2X75 versions starting from 18.2X75-D50.8, 18.2X75-D60 and later versions, prior to 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70; 19.4 versions 19.4R1 and 19.4R1-S1; 20.1 versions prior to 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: 19.4-EVO versions prior to 19.4R2-S2-EVO; 20.1-EVO versions prior to 20.1R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-159 Failure to Sanitize Special Element"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-690 Unchecked Return Value to NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11035",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11035"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70, 19.4R1-S2, 19.4R2, 20.1R1-S2, 20.1R2, 20.2R1, and all subsequent releases.\n\nJunos OS Evolved: 19.4R2-S2-EVO, 20.1R2-EVO, 20.2R1-EVO and all subsequent releases."
}
],
"source": {
"advisory": "JSA11035",
"defect": [
"1502327"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2020-1648",
"datePublished": "2020-07-17T18:40:42.272117Z",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-09-16T19:40:10.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-1648\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2020-07-17T19:15:13.267\",\"lastModified\":\"2022-01-01T17:34:50.527\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 18.2X75 versions starting from 18.2X75-D50.8, 18.2X75-D60 and later versions, prior to 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70; 19.4 versions 19.4R1 and 19.4R1-S1; 20.1 versions prior to 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: 19.4-EVO versions prior to 19.4R2-S2-EVO; 20.1-EVO versions prior to 20.1R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.\"},{\"lang\":\"es\",\"value\":\"En los dispositivos Juniper Networks Junos OS y Junos OS Evolved, el procesamiento de un paquete BGP espec\u00edfico puede provocar el bloqueo y reinicio del demonio de proceso de enrutamiento (RPD). Este problema puede ocurrir incluso antes de que se establezca la sesi\u00f3n de BGP con el par. La recepci\u00f3n repetida de este paquete BGP espec\u00edfico puede dar lugar a una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) extendida. Este problema afecta: Juniper Networks Junos OS: Versiones 18.2X75 a partir de 18.2X75-D50.8, 18.2X75-D60 y versiones posteriores, anteriores a la versi\u00f3n 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70; versiones 19.4 19.4R1 y 19.4R1-S1; versiones 20.1 anteriores a la versi\u00f3n 20.1R1-S2, 20.1R2. Evoluci\u00f3n del SO Junos de Juniper Networks: Versiones 19.4-EVO anteriores a la versi\u00f3n Este problema no afecta: Versiones del SO Junos de Juniper Networks anteriores a la 19.4R1. Versiones evolucionadas del SO Junos de Juniper Networks anteriores a la versi\u00f3n 19.4R1-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-159\"},{\"lang\":\"en\",\"value\":\"CWE-690\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"097AEA48-4A45-489E-9C91-D5CE139994D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"12805C4D-2737-41E4-8950-5B48636765F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"C680D835-0262-46BF-B120-DFBFF377341E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"50441A8C-DAB0-4D1A-AA00-FED6056148D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC743EE4-8833-452A-94DB-655BF139F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE96A8EA-FFE3-4D8F-9266-21899149D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8328FDE6-9707-4142-B905-3B07C0E28E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD982F-E6F2-4951-9F96-A76C142DF08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"83447F3F-79A3-41DF-8FD1-31DCFCBE40A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B14CED1-BEAF-4343-A05D-FB1E2B6AC955\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB91C38-8C70-436A-83DB-42B8DF81D7D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11035\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.