CVSS: 7.5EPSS: 0%CPEs: 125EXPL: 0CVE-2020-1671 – Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash.
https://notcve.org/view.php?id=CVE-2020-1671
16 Oct 2020 — On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue only affects DHCPv6, it does not affect DHCPv4. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X7... • https://kb.juniper.net/JSA11068 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 121EXPL: 0CVE-2020-1670 – Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets
https://notcve.org/view.php?id=CVE-2020-1670
16 Oct 2020 — On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to the IRB interface. Only IPv4 packets can trigger this issue. IPv6 packets cannot trigger this issue. • https://kb.juniper.net • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 93EXPL: 0CVE-2020-1668 – Junos OS: EX2300 Series: High CPU load due to receipt of specific multicast packets on layer 2 interface
https://notcve.org/view.php?id=CVE-2020-1668
16 Oct 2020 — On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device has high CPU load due to this issue, the administrator can issue the following command: user@host> show chassis routing-engine Routing Engine status: ... Idle 2 percent the "Idle" value shows as low (2 % in the example above), and al... • https://kb.juniper.net/JSA11065 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.3EPSS: 0%CPEs: 56EXPL: 0CVE-2020-1667 – Junos OS: MX Series: Services card might restart due to a race condition when DNS filtering is enabled.
https://notcve.org/view.php?id=CVE-2020-1667
16 Oct 2020 — When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspmand process, responsible for managing "URL Filtering service", can crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holin... • https://kb.juniper.net • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1666 – Junos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnection
https://notcve.org/view.php?id=CVE-2020-1666
16 Oct 2020 — The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactive session and possibly gain administrative privileges. This issue affects all Juniper Networks Junos OS Evolved versions after 18.4R1-EVO, prior to 20.2R1-EVO. La opción de configuración de la consola del sistema "l... • https://kb.juniper.net/JSA11063 • CWE-284: Improper Access Control CWE-613: Insufficient Session Expiration •
CVSS: 7.8EPSS: 0%CPEs: 137EXPL: 0CVE-2020-1664 – Junos OS: Buffer overflow vulnerability in device control daemon
https://notcve.org/view.php?id=CVE-2020-1664
16 Oct 2020 — A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D53, 18.2X75-D65; 18.3 versions... • https://kb.juniper.net/JSA11061 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2020-1662 – Junos OS and Junos OS Evolved: RPD crash due to BGP session flapping.
https://notcve.org/view.php?id=CVE-2020-1662
16 Oct 2020 — On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration. When the issue occurs the following messages will appear in the /var/log/messages: rpd[6046]: %DAEMON-4-BGP_PREFIX_THRESH_EXCEEDED: XXXX (External AS x): Configured maximum accepted prefix-limit threshold(1800) ... • https://kb.juniper.net/JSA11059 • CWE-20: Improper Input Validation •
CVSS: 9.9EPSS: 0%CPEs: 56EXPL: 0CVE-2020-1660 – Junos OS: MX Series: Receipt of specific packets can cause services card to restart when DNS filtering is configured.
https://notcve.org/view.php?id=CVE-2020-1660
16 Oct 2020 — When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. This vulnerabil... • https://kb.juniper.net/JSA11054 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 326EXPL: 0CVE-2020-1656 – Junos OS: When a DHCPv6 Relay-Agent is configured upon receipt of a specific DHCPv6 client message, Remote Code Execution may occur.
https://notcve.org/view.php?id=CVE-2020-1656
16 Oct 2020 — The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on the target device. Continuous receipt of the specific DHCPv6 client message will result in an extended Denial of Service (DoS) condition. If adjacent devices... • https://kb.juniper.net/JSA11049 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 138EXPL: 0CVE-2020-1655 – Junos OS: MX Series: PFE crash on MPC7/8/9 upon receipt of large packets requiring fragmentation
https://notcve.org/view.php?id=CVE-2020-1655
17 Jul 2020 — When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation, generating the following error messages: [LOG: Err] MQSS(0): WO: Packet Error - Error Packets 1, Connection 29 [LOG: Err] eachip_hmcif_rx_intr_handler(7259): EA[0:0]: HMCIF Rx: Injected checksum error detected on WO ... • https://kb.juniper.net/JSA11041 •