CVSS: 8.6EPSS: 0%CPEs: 121EXPL: 0CVE-2020-1632 – Junos OS and Junos OS Evolved: Invalid BGP UPDATE sent to peer device may cause BGP session to terminate.
https://notcve.org/view.php?id=CVE-2020-1632
In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition. For example, Router A sends a specific BGP UPDATE to Router B, causing Router B to send an invalid BGP UPDATE message to Router C, resulting in termination of the BGP session between Router B and Router C. This issue might occur when there is at least a single BGP session established on the device that does not support 4 Byte AS extension (RFC 4893). Repeated receipt of the same BGP UPDATE can result in an extended DoS condition. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S2; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.2X75 versions prior to 17.2X75-D105, 17.2X75-D110, 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2-S6, 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R3; 18.4 version 18.4R2 and later versions; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. • https://kb.juniper.net/JSA11013 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 90EXPL: 0CVE-2020-1633 – Junos OS: MX Series: Crafted packets traversing a Broadband Network Gateway (BNG) configured with IPv6 NDP proxy could lead to Denial of Service
https://notcve.org/view.php?id=CVE-2020-1633
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, leading to a Denial of Service (DoS) condition. This issue only affects Junos OS 17.4 and later releases. Prior releases do not support this feature and are unaffected by this vulnerability. This issue only affects IPv6. • https://kb.juniper.net/JSA11012 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 142EXPL: 0CVE-2020-1637 – Junos OS: SRX Series: Unified Access Control (UAC) bypass vulnerability
https://notcve.org/view.php?id=CVE-2020-1637
A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy. This issue might occur when the IP address range configured in the Infranet Controller (IC) is configured as an IP address range instead of an IP address/netmask. See the Workaround section for more detail. The Junos OS Enforcer CLI settings are disabled by default. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D100; 15.1X49 versions prior to 15.1X49-D210; 17.3 versions prior to 17.3R2-S5, 17.3R3-S8; 17.4 versions prior to 17.4R2-S9, 17.4R3-S1; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R3-S2; 18.4 versions prior to 18.4R1-S6, 18.4R2-S4, 18.4R3-S1; 19.1 versions prior to 19.1R1-S4, 19.1R2-S1, 19.1R3; 19.2 versions prior to 19.2R1-S3, 19.2R2; 19.3 versions prior to 19.3R2-S1, 19.3R3; 19.4 versions prior to 19.4R1-S1, 19.4R2. • https://kb.juniper.net/JSA11018 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.5EPSS: 0%CPEs: 288EXPL: 0CVE-2020-1630 – Junos OS: Privilege escalation vulnerability in dual REs, VC or HA cluster may allow unauthorized configuration change.
https://notcve.org/view.php?id=CVE-2020-1630
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. This issue does not affect Junos OS device with single RE or stand-alone configuration. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S14; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R4-S13, 16.1R7-S6; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3-S1; 18.2 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D420, 18.2X75-D60, 18.2X75-D411; 18.3 versions prior to 18.3R1-S5, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S4, 18.4R2-S1, 18.4R3; 19.1 versions prior to 19.1R1-S2, 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2. Una vulnerabilidad de escalada de privilegios en dispositivos Juniper Networks Junos OS configurados con Routing Engines (RE) duales (RE), Virtual Chassis (VC) o clúster de alta disponibilidad puede permitir que un usuario autenticado local poco privilegiado y acceso al shell lleve a cabo modificaciones de la configuración no autorizadas. Este problema no afecta al dispositivo con Junos OS con una única configuración de RE o independiente. • https://kb.juniper.net/JSA11010 • CWE-264: Permissions, Privileges, and Access Controls CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.9EPSS: 0%CPEs: 147EXPL: 0CVE-2020-1629 – Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a BGP NOTIFICATION message.
https://notcve.org/view.php?id=CVE-2020-1629
A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.2 version 17.2R2 and later versions; 17.2X75 versions prior to 17.2X75-D105, 17.2X75-D110; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S3; 18.2X75 versions prior to 18.2X75-D410, 18.2X75-D420, 18.2X75-D50, 18.2X75-D60; 18.3 versions prior to 18.3R1-S5, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S2, 19.1R2; 19.2 versions prior to 19.2R1-S4, 19.2R2. This issue does not affect Juniper Networks Junos OS prior to version 16.1R1. Una vulnerabilidad de condición de carrera en los dispositivos Juniper Network Junos OS puede causar que el proceso de routing protocol daemon (RPD) se bloquee y reinicie mientras procesa un mensaje BGP NOTIFICATION. Este problema afecta a Juniper Networks Junos OS: versiones 16.1 anteriores a 16.1R7-S6; versiones 16.2 anteriores a 16.2R2-S11; versiones 17.1 anteriores a 17.1R2-S11, 17.1R3-S1; versiones 17.2 anteriores a 17.2R1-S9, 17.2R3-S3; versiones 17.2 hasta 17.2R2 y versiones posteriores; versiones 17.2X75 anteriores a 17.2X75-D105, 17.2X75-D110; versiones 17.3 anteriores a 17.3R2-S5, 17.3R3-S6; versiones 17.4 anteriores a 17.4R2-S7, 17.4R3; versiones 18.1 anteriores a 18.1R3-S8; versiones 18.2 anteriores a 18.2R3-S3; versiones 18.2X75 anteriores a 18.2X75-D410, 18.2X75-D420, 18.2X75-D50, 18.2X75-D60; versiones 18.3 anteriores a 18.3R1-S5, 18.3R2-S2, 18.3R3; versiones 18.4 anteriores a 18.4R2-S2, 18.4R3; versiones 19.1 anteriores a 19.1R1-S2, 19.1R2; versiones 19.2 anteriores a 19.2R1-S4, 19.2R2. • https://kb.juniper.net/JSA11009 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •