CVE-2020-1686
Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet.
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this issue. IPv4 packets cannot trigger this issue. This issue affects Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S4, 18.4R3-S1; 19.1 versions prior to 19.1R2-S1, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2. This issue does not affect Juniper Networks Junos OS prior to 18.4R1.
En dispositivos Juniper Networks Junos OS, la recepción de un paquete IPv6 malformado puede causar que el sistema se bloquee y se reinicie (vmcore). Este problema puede ser desencadenado por un paquete IPv6 malformado destinado al Motor de Enrutamiento. Un atacante puede enviar repetidamente el paquete infractor, resultando en una condición de Denegación de Servicio extendida. Solo los paquetes IPv6 pueden desencadenar este problema. Los paquetes IPv4 no pueden desencadenar este problema. Este problema afecta a Juniper Networks Junos OS versiones 18.4 anteriores a 18.4R2-S4, 18.4R3-S1; versiones 19.1 anteriores a 19.1R2-S1, 19.1R3; versiones 19.2 anteriores a 19.2R1-S5, 19.2R2; versiones 19.3 anteriores a 19.3R2-S4, 19.3R3; versiones 19.4 anteriores a 19.4R1-S3, 19.4R2. Este problema no afecta a Juniper Networks Junos OS anterior a versión 18.4R1
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-04 CVE Reserved
- 2020-10-16 CVE Published
- 2023-07-02 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-415: Double Free
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r1-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r1-s6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r2-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.4 Search vendor "Juniper" for product "Junos" and version "18.4" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r1-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r1-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.4 Search vendor "Juniper" for product "Junos" and version "19.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.4 Search vendor "Juniper" for product "Junos" and version "19.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.4 Search vendor "Juniper" for product "Junos" and version "19.4" | r1-s2 |
Affected
| ||||||