fkie_nvd - fkie_cve-2020-1639

FKIE_CVE-2020-1639

Vulnerability from fkie_nvd - Published: 2020-04-08 20:15 - Updated: 2024-11-21 05:11

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67.

References

	URL	Tags
	sirt@juniper.net	https://kb.juniper.net/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	14.1x50
juniper	junos	14.1x50
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "223C12D0-61A0-4C12-8AFC-A0CB64759A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r10:*:*:*:*:*:*",
              "matchCriteriaId": "661B4C1E-DB85-4EB0-B26F-F6496CEF0AA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r10-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F7C33DE7-4947-41D1-8DDF-DC7C9541414E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r10-s2:*:*:*:*:*:*",
              "matchCriteriaId": "C12D5D63-479D-4B27-8179-3B8985DB51F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*",
              "matchCriteriaId": "F0DD051A-E486-4A9D-A978-A5A980AAF237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12:*:*:*:*:*:*",
              "matchCriteriaId": "D4ED9ACC-B6BA-4128-8934-759BB9EC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s1:*:*:*:*:*:*",
              "matchCriteriaId": "FC4D8EE5-E93F-4F50-9D31-CD5A69531962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s11:*:*:*:*:*:*",
              "matchCriteriaId": "B786F950-0E07-4ADC-B988-917994FE99CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s12:*:*:*:*:*:*",
              "matchCriteriaId": "2F703D05-C7A4-4EBF-A2FB-8AFE8E13DCDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s13:*:*:*:*:*:*",
              "matchCriteriaId": "BACE640C-9ED9-4976-9083-DEEBDDAA5516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s14:*:*:*:*:*:*",
              "matchCriteriaId": "9813A1FF-9AB3-46C0-BD65-5462E2942FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s3:*:*:*:*:*:*",
              "matchCriteriaId": "99C8DC55-60AF-44D0-86C1-1F90C5DB0235",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s4:*:*:*:*:*:*",
              "matchCriteriaId": "D23CEC9A-BF5F-489C-8CA7-1946238E20D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s6:*:*:*:*:*:*",
              "matchCriteriaId": "0010CCA3-6A76-4C18-82C4-BF44FECA4B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s8:*:*:*:*:*:*",
              "matchCriteriaId": "4D353E7F-F773-4502-B4EE-E73BA2DE1BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
              "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
              "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
              "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
              "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
              "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*",
              "matchCriteriaId": "64A0CCD4-91BA-440E-A14C-48E67D1F03A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
              "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
              "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
              "matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
              "matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
              "matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x50:*:*:*:*:*:*:*",
              "matchCriteriaId": "104A7E60-EDE5-43E6-82FA-93016265CF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x50:d60:*:*:*:*:*:*",
              "matchCriteriaId": "A9C31E6C-0CF5-4DCA-9CAC-317C179711D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*",
              "matchCriteriaId": "6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
              "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
              "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
              "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
              "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
              "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
              "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
              "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
              "matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
              "matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
              "matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
              "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "285CD1E5-C6D3-470A-8556-653AFF74D0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
              "matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f:*:*:*:*:*:*",
              "matchCriteriaId": "D80CABB3-9A32-4FBC-AB8E-435BA85CFA70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
              "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
              "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
              "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
              "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
              "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f5-s7:*:*:*:*:*:*",
              "matchCriteriaId": "BFF0C559-EC2F-4FEE-B012-E9127A68FD4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
              "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s1:*:*:*:*:*:*",
              "matchCriteriaId": "ABD3A11C-4CAA-4DDB-AD20-6C7EFA368CCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s12:*:*:*:*:*:*",
              "matchCriteriaId": "2698D906-6D9D-429C-9ECC-46FF2334C637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s2:*:*:*:*:*:*",
              "matchCriteriaId": "6126279A-8509-4CA1-BFB3-E76F701F5031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s3:*:*:*:*:*:*",
              "matchCriteriaId": "CA0D028E-0B07-4CB2-863A-527806B9917C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s4:*:*:*:*:*:*",
              "matchCriteriaId": "846582E4-05A0-4AD9-B78B-1707A09DAA74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s7:*:*:*:*:*:*",
              "matchCriteriaId": "85B83ED7-EE50-4F06-A386-B0A4FC7263DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
              "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
              "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
              "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
              "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
              "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
              "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*",
              "matchCriteriaId": "C8C94365-988C-4A14-8E49-846152FDC666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
              "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
              "matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6825F6BA-B48F-4E02-938F-6B297E21BA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
              "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
              "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:-:*:*:*:*:*:*",
              "matchCriteriaId": "C9511DD0-D910-4C29-B0E3-8F9D0531F09C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
              "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*",
              "matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d31:*:*:*:*:*:*",
              "matchCriteriaId": "6F3ED4F6-483F-41DC-BBCF-3605641ACAD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
              "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
              "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
              "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
              "matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
              "matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d47:*:*:*:*:*:*",
              "matchCriteriaId": "4C2A9C1A-AEE4-4CD6-91D7-D0E9F2717512",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d48:*:*:*:*:*:*",
              "matchCriteriaId": "1749B778-0E36-4539-8668-89F4460F251F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*",
              "matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*",
              "matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*",
              "matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*",
              "matchCriteriaId": "3978B35D-5745-47BC-A56F-A0678AB0F3E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*",
              "matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*",
              "matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*",
              "matchCriteriaId": "92E31AF0-83EB-4570-A6DE-4308BE0D3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
              "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
              "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
              "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
              "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
              "matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
              "matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
              "matchCriteriaId": "E56CF063-0CB3-4BD6-978B-B9D7C0C8C4AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67."
    },
    {
      "lang": "es",
      "value": "Cuando un atacante env\u00eda un paquete dise\u00f1ado espec\u00edfico de Ethernet Operation, Administration, and Maintenance (Ethernet OAM) hacia un dispositivo objetivo, puede manejar inapropiadamente los datos malformados entrantes y presentar un fallo al sanear estos datos entrantes, resultando en una condici\u00f3n de desbordamiento. Esta condici\u00f3n de desbordamiento en Juniper Networks Junos OS permite a un atacante causar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) al extraer el demonio CFM. La recepci\u00f3n continua de estos paquetes puede causar una condici\u00f3n extendida de Denegaci\u00f3n de Servicio. Este problema afecta a: Juniper Networks Junos OS versiones 12.3 anteriores a 12.3R12-S15; versiones 12.3X48 anteriores a 12.3X48-D95 en la serie SRX; versiones 14.1X50 anteriores a 14.1X50-D145; versiones 14.1X53 anteriores a 14.1X53-D47; versiones 15.1 anteriores a 15.1R2; versiones 15.1X49 anteriores a 15.1X49-D170 en la serie SRX; versiones 15.1X53 anteriores a 15.1X53-D67."
    }
  ],
  "id": "CVE-2020-1639",
  "lastModified": "2024-11-21T05:11:03.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-08T20:15:14.527",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2020-1639 (GCVE-0-2020-1639)

Vulnerability from cvelistv5 – Published: 2020-04-08 19:26 – Updated: 2024-09-16 22:02

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-703 - Improper Check or Handling of Exceptional Conditions

Assigner

juniper

References

URL

Tags

https://kb.juniper.net/

x_refsource_MISC

Impacted products

Vendor

Product

Version

Juniper Networks

Junos OS

Affected: 12.3 , < 12.3R12-S15 (custom)
Affected: 14.1X50 , < 14.1X50-D145 (custom)
Affected: 14.1X53 , < 14.1X53-D47 (custom)
Affected: 15.1 , < 15.1R2 (custom)
Affected: 15.1X53 , < 15.1X53-D67 (custom)

Juniper Networks

Junos OS

Affected: 12.3X48 , < 12.3X48-D95 (custom)
Affected: 15.1X49 , < 15.1X49-D170 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:46:30.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.3R12-S15",
              "status": "affected",
              "version": "12.3",
              "versionType": "custom"
            },
            {
              "lessThan": "14.1X50-D145",
              "status": "affected",
              "version": "14.1X50",
              "versionType": "custom"
            },
            {
              "lessThan": "14.1X53-D47",
              "status": "affected",
              "version": "14.1X53",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1R2",
              "status": "affected",
              "version": "15.1",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X53-D67",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.3X48-D95",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D170",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue affects Junos OS devices with OAM Ethernet configured:\n\n  [protocols oam ethernet connectivity-fault-management]"
        }
      ],
      "datePublic": "2020-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-08T19:26:02",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.juniper.net/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S15, 12.3X48-D95, 14.1X50-D145, 14.1X53-D47, 15.1R2, 15.1X49-D170, 16.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11020",
        "defect": [
          "999503"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM connectivity fault management process (CFM) to core.",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2020-04-08T15:00:00.000Z",
          "ID": "CVE-2020-1639",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM connectivity fault management process (CFM) to core."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "12.3",
                            "version_value": "12.3R12-S15"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D95"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "14.1X50",
                            "version_value": "14.1X50-D145"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "14.1X53",
                            "version_value": "14.1X53-D47"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "15.1",
                            "version_value": "15.1R2"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D170"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D67"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue affects Junos OS devices with OAM Ethernet configured:\n\n  [protocols oam ethernet connectivity-fault-management]"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-703 Improper Check or Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/",
              "refsource": "MISC",
              "url": "https://kb.juniper.net/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S15, 12.3X48-D95, 14.1X50-D145, 14.1X53-D47, 15.1R2, 15.1X49-D170, 16.1R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11020",
          "defect": [
            "999503"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2020-1639",
    "datePublished": "2020-04-08T19:26:02.142729Z",
    "dateReserved": "2019-11-04T00:00:00",
    "dateUpdated": "2024-09-16T22:02:05.337Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2020-1639

CVE-2020-1639 (GCVE-0-2020-1639)

Tags

Sightings

Nomenclature