ID

VAR-201804-0667


CVE

CVE-2018-0020


TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004215

DESCRIPTION

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D130 on SRX; 15.1X53 versions prior to 15.1X53-D66 on QFX10K; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S3, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2-S1, 17.2R3; 17.2X75 versions prior to 17.2X75-D70; 13.2 versions above and including 13.2R1. Versions prior to 13.2R1 are not affected. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Juniper Networks Junos OS contains an input validation vulnerability. The device may be put into a service operation interruption (DoS) state. An attacker may exploit this issue to cause denial-of-service conditions. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Juniper Junos OS Release 13.2, Release 14.1X53, Release 15.1, Release 15.1X49, Release 15.1X53, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.2X75.

Trust: 1.98

sources: NVD: CVE-2018-0020 // JVNDB: JVNDB-2018-004215 // BID: 104743 // VULHUB: VHN-118222

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:17.2x75

Trust: 1.9

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.9

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.1x65

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:14.1x53

Trust: 1.3

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

vendor:junipermodel:junos 17.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d65scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d64scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d63scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d62scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d59scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d57scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d49scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d48scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d470scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d47scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d33scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d31scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d232scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d231scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d230scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d90scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d80scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d44scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d42scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d34scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d28scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d18scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d70scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2-s1scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1-s3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1x65-d47scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r6-s3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r5-s3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3-s8scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d66scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d58scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d471scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d233scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d130scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4-s9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1f6-s10scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d47scope:neversion: -

Trust: 0.3

sources: BID: 104743 // JVNDB: JVNDB-2018-004215 // CNNVD: CNNVD-201804-515 // NVD: CVE-2018-0020

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0020
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2018-0020
value: HIGH

Trust: 1.0

NVD: CVE-2018-0020
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201804-515
value: HIGH

Trust: 0.6

VULHUB: VHN-118222
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0020
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118222
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0020
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-118222 // JVNDB: JVNDB-2018-004215 // CNNVD: CNNVD-201804-515 // NVD: CVE-2018-0020 // NVD: CVE-2018-0020

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118222 // JVNDB: JVNDB-2018-004215 // NVD: CVE-2018-0020

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-515

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201804-515

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004215

PATCH

title:JSA10848url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10848&actp=METADATA

Trust: 0.8

title:Juniper Junos OS input validation vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83281

Trust: 0.6

sources: JVNDB: JVNDB-2018-004215 // CNNVD: CNNVD-201804-515

EXTERNAL IDS

db:NVDid:CVE-2018-0020

Trust: 2.8

db:JUNIPERid:JSA10848

Trust: 2.0

db:SECTRACKid:1040788

Trust: 1.7

db:JVNDBid:JVNDB-2018-004215

Trust: 0.8

db:CNNVDid:CNNVD-201804-515

Trust: 0.7

db:BIDid:104743

Trust: 0.4

db:VULHUBid:VHN-118222

Trust: 0.1

sources: VULHUB: VHN-118222 // BID: 104743 // JVNDB: JVNDB-2018-004215 // CNNVD: CNNVD-201804-515 // NVD: CVE-2018-0020

REFERENCES

url:https://kb.juniper.net/jsa10848

Trust: 1.7

url:http://www.securitytracker.com/id/1040788

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0020

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0020

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/us/en/products-services/nos/junos/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10848&cat=sirt_1&actp=list

Trust: 0.3

sources: VULHUB: VHN-118222 // BID: 104743 // JVNDB: JVNDB-2018-004215 // CNNVD: CNNVD-201804-515 // NVD: CVE-2018-0020

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104743

SOURCES

db:VULHUBid:VHN-118222
db:BIDid:104743
db:JVNDBid:JVNDB-2018-004215
db:CNNVDid:CNNVD-201804-515
db:NVDid:CVE-2018-0020

LAST UPDATE DATE

2024-08-14T15:13:11.785000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-118222date:2019-10-09T00:00:00
db:BIDid:104743date:2018-04-11T00:00:00
db:JVNDBid:JVNDB-2018-004215date:2018-06-14T00:00:00
db:CNNVDid:CNNVD-201804-515date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0020date:2019-10-09T23:30:59.347

SOURCES RELEASE DATE

db:VULHUBid:VHN-118222date:2018-04-11T00:00:00
db:BIDid:104743date:2018-04-11T00:00:00
db:JVNDBid:JVNDB-2018-004215date:2018-06-14T00:00:00
db:CNNVDid:CNNVD-201804-515date:2018-04-11T00:00:00
db:NVDid:CVE-2018-0020date:2018-04-11T19:29:00.510