CVSS: 6.5EPSS: 0%CPEs: 130EXPL: 0CVE-2020-1687 – Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames in EVPN-VXLAN deployment.
https://notcve.org/view.php?id=CVE-2020-1687
16 Oct 2020 — On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption. This issue affects devices that are configured as a Layer 2 or Layer 3 gateway of an EVPN-VXLAN deployment. The offending layer 2 frames that cause the issue originate from a different access swi... • https://kb.juniper.net/JSA11084 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2020-1686 – Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet.
https://notcve.org/view.php?id=CVE-2020-1686
16 Oct 2020 — On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this issue. IPv4 packets cannot trigger this issue. • https://kb.juniper.net/JSA11083 • CWE-415: Double Free •
CVSS: 5.8EPSS: 0%CPEs: 64EXPL: 0CVE-2020-1685 – Junos OS: EX4600, QFX5K Series: Stateless firewall filter matching 'user-vlan-id' will cause incomplete discard action
https://notcve.org/view.php?id=CVE-2020-1685
16 Oct 2020 — When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { filter L2-VLAN { term ALLOW { from { user-vlan-id 100; } then { accept; } } term NON-MATCH { then { discard; } } when there is only one term containing a 'user-vlan-id' match condition, and no other terms in the fi... • https://kb.juniper.net/JSA11082 • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 0%CPEs: 151EXPL: 0CVE-2020-1684 – Junos OS: SRX Series: High CPU load due to processing for HTTP traffic when Application Identification is enabled.
https://notcve.org/view.php?id=CVE-2020-1684
16 Oct 2020 — On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when Intrusion Detection and Prevention (IDP), AppFW, AppQoS, or AppTrack is configured. Thus, this issue might occur when IDP, AppFW, AppQoS, or AppTrack is configured. This issue affects Juniper Networks Junos OS on SRX Seri... • https://kb.juniper.net/JSA11081 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2020-1683 – Junos OS: Memory leak leads to kernel crash (vmcore) due to SNMP polling
https://notcve.org/view.php?id=CVE-2020-1683
16 Oct 2020 — On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash other processes might be impacted, such as failure to establish SSH connection to the device. The administrator can monitor the output of the following command to check if there is memory leak caused by this issue: user@device> show system virtual-memory | match "pfe_ipc|kmem" pfe_ipc 147 5K - 164352 16,32,64,8192 <-- increasing vm.kmem_map_free: 127... • https://kb.juniper.net/JSA11080 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 146EXPL: 0CVE-2020-1682 – Junos OS: SRX1500, vSRX, SRX4K, NFX150, NFX250: Denial of service vulnerability executing local CLI command
https://notcve.org/view.php?id=CVE-2020-1682
16 Oct 2020 — An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue only affects the SRX1500, SRX4100, SRX4200, NFX150, NFX250, and vSRX-based platforms. No other products or platforms are affected by this vulnerability. This... • https://kb.juniper.net/JSA11079 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 243EXPL: 0CVE-2020-1680 – Junos OS: MX Series: MS-MPC/MIC might crash when processing malformed IPv6 packet in NAT64 configuration.
https://notcve.org/view.php?id=CVE-2020-1680
16 Oct 2020 — On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated attacker can continuously send crafted IPv6 packets through the device causing repetitive MS-PIC process crashes, resulting in an extended Denial of Service condition. This issue affects Juniper Networks Junos OS... • https://kb.juniper.net/JSA11077 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 0%CPEs: 122EXPL: 0CVE-2020-1679 – Junos OS: PTX/QFX Series: Kernel Routing Table (KRT) queue stuck after packet sampling a malformed packet when the tunnel-observation mpls-over-udp configuration is enabled.
https://notcve.org/view.php?id=CVE-2020-1679
16 Oct 2020 — On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This table is then synchronized to the Packet Forwarding Engine (PFE) via the KRT queue. Thus, when KRT queue become stuck, it can lead to unexpected packet forw... • https://kb.juniper.net/JSA11076 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-1678 – Junos OS and Junos OS Evolved: RPD can crash due to a slow memory leak.
https://notcve.org/view.php?id=CVE-2020-1678
16 Oct 2020 — On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if memory (Alloc Blocks value) is increasing. root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report -... • https://kb.juniper.net/JSA11075 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 1%CPEs: 77EXPL: 0CVE-2020-1673 – Junos OS: Reflected Cross-site Scripting vulnerability in J-Web and web based (HTTP/HTTPS) services
https://notcve.org/view.php?id=CVE-2020-1673
16 Oct 2020 — Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. This issue only affects Juniper Networks Junos OS devices with HTTP/HTTPS services enabled such as J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP). Jun... • https://kb.juniper.net/JSA11070 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •