CVSS: 7.5EPSS: 0%CPEs: 122EXPL: 0CVE-2020-1679 – Junos OS: PTX/QFX Series: Kernel Routing Table (KRT) queue stuck after packet sampling a malformed packet when the tunnel-observation mpls-over-udp configuration is enabled.
https://notcve.org/view.php?id=CVE-2020-1679
16 Oct 2020 — On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This table is then synchronized to the Packet Forwarding Engine (PFE) via the KRT queue. Thus, when KRT queue become stuck, it can lead to unexpected packet forw... • https://kb.juniper.net/JSA11076 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 130EXPL: 0CVE-2020-1672 – Junos OS: jdhcpd process crash when processing a specific DHCPDv6 packet in DHCPv6 relay configuration.
https://notcve.org/view.php?id=CVE-2020-1672
16 Oct 2020 — On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. Only DHCPv6 packet can trigger this issue. DHCPv4 packet cannot trigger this issue. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9... • https://kb.juniper.net/JSA11069 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 121EXPL: 0CVE-2020-1670 – Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets
https://notcve.org/view.php?id=CVE-2020-1670
16 Oct 2020 — On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to the IRB interface. Only IPv4 packets can trigger this issue. IPv6 packets cannot trigger this issue. • https://kb.juniper.net • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.3EPSS: 0%CPEs: 56EXPL: 0CVE-2020-1667 – Junos OS: MX Series: Services card might restart due to a race condition when DNS filtering is enabled.
https://notcve.org/view.php?id=CVE-2020-1667
16 Oct 2020 — When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspmand process, responsible for managing "URL Filtering service", can crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holin... • https://kb.juniper.net • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 103EXPL: 0CVE-2020-1665 – Junos OS: MX series/EX9200 Series: IPv6 DDoS protection does not work as expected.
https://notcve.org/view.php?id=CVE-2020-1665
16 Oct 2020 — On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentrator (FPC) during the DDoS attack. When this issue occurs, the RE and/or the FPC can become overwhelmed, which could disrupt network protocol operations and/o... • https://kb.juniper.net/JSA11062 • CWE-794: Incomplete Filtering of Multiple Instances of Special Elements •
CVSS: 7.8EPSS: 0%CPEs: 137EXPL: 0CVE-2020-1664 – Junos OS: Buffer overflow vulnerability in device control daemon
https://notcve.org/view.php?id=CVE-2020-1664
16 Oct 2020 — A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D53, 18.2X75-D65; 18.3 versions... • https://kb.juniper.net/JSA11061 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2020-1662 – Junos OS and Junos OS Evolved: RPD crash due to BGP session flapping.
https://notcve.org/view.php?id=CVE-2020-1662
16 Oct 2020 — On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration. When the issue occurs the following messages will appear in the /var/log/messages: rpd[6046]: %DAEMON-4-BGP_PREFIX_THRESH_EXCEEDED: XXXX (External AS x): Configured maximum accepted prefix-limit threshold(1800) ... • https://kb.juniper.net/JSA11059 • CWE-20: Improper Input Validation •
CVSS: 9.9EPSS: 0%CPEs: 56EXPL: 0CVE-2020-1660 – Junos OS: MX Series: Receipt of specific packets can cause services card to restart when DNS filtering is configured.
https://notcve.org/view.php?id=CVE-2020-1660
16 Oct 2020 — When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. This vulnerabil... • https://kb.juniper.net/JSA11054 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 97EXPL: 0CVE-2020-1657 – Junos OS: SRX Series: An attacker sending spoofed packets to IPSec peers may cause a Denial of Service.
https://notcve.org/view.php?id=CVE-2020-1657
16 Oct 2020 — On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel. Sustained receipt of these spoofed packets can cause a sustained Denial of Service (DoS) condition. This issue affects IPv4 and IPv6 implementations. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 1... • https://kb.juniper.net/JSA11050 • CWE-408: Incorrect Behavior Order: Early Amplification •
CVSS: 8.8EPSS: 1%CPEs: 326EXPL: 0CVE-2020-1656 – Junos OS: When a DHCPv6 Relay-Agent is configured upon receipt of a specific DHCPv6 client message, Remote Code Execution may occur.
https://notcve.org/view.php?id=CVE-2020-1656
16 Oct 2020 — The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on the target device. Continuous receipt of the specific DHCPv6 client message will result in an extended Denial of Service (DoS) condition. If adjacent devices... • https://kb.juniper.net/JSA11049 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •