ID

VAR-202004-2178


CVE

CVE-2020-1632


TITLE

Juniper Networks Junos OS and Junos OS Evolved Vulnerability in handling exceptional conditions on devices

Trust: 0.8

sources: JVNDB: JVNDB-2020-004955

DESCRIPTION

In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition. For example, Router A sends a specific BGP UPDATE to Router B, causing Router B to send an invalid BGP UPDATE message to Router C, resulting in termination of the BGP session between Router B and Router C. This issue might occur when there is at least a single BGP session established on the device that does not support 4 Byte AS extension (RFC 4893). Repeated receipt of the same BGP UPDATE can result in an extended DoS condition. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S2; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.2X75 versions prior to 17.2X75-D105, 17.2X75-D110, 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2-S6, 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R3; 18.4 version 18.4R2 and later versions; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect Juniper Networks Junos OS prior to 16.1R1. This issue affects Juniper Networks Junos OS Evolved prior to 19.2R2-EVO. The operating system provides a secure programming interface and Junos SDK. Junos OS Evolved is an upgraded version of Junos OS.

Trust: 1.71

sources: NVD: CVE-2020-1632 // JVNDB: JVNDB-2020-004955 // VULHUB: VHN-169386

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 19.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 16.2

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 19.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.2x75

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.1x75

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 16.1

Trust: 1.0

vendor: juniper, model: junos os, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-004955 // NVD: CVE-2020-1632

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1632
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2020-1632
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-004955
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202004-543
value: HIGH

Trust: 0.6

VULHUB: VHN-169386
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-1632
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-004955
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-169386
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-1632
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 2.0

NVD: JVNDB-2020-004955
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-169386 // JVNDB: JVNDB-2020-004955 // CNNVD: CNNVD-202004-543 // NVD: CVE-2020-1632 // NVD: CVE-2020-1632

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.9

sources: VULHUB: VHN-169386 // JVNDB: JVNDB-2020-004955 // NVD: CVE-2020-1632

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-543

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-543

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-004955

PATCH

title: JSA11013, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11013&actp=METADATA

Trust: 0.8

title: Juniper Networks Junos OS and Junos OS Evolved Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115741

Trust: 0.6

sources: JVNDB: JVNDB-2020-004955 // CNNVD: CNNVD-202004-543

EXTERNAL IDS

db: NVD, id: CVE-2020-1632

Trust: 2.5

db: JUNIPER, id: JSA11013

Trust: 1.7

db: JVNDB, id: JVNDB-2020-004955

Trust: 0.8

db: CNNVD, id: CNNVD-202004-543

Trust: 0.7

db: AUSCERT, id: ESB-2020.1271

Trust: 0.6

db: VULHUB, id: VHN-169386

Trust: 0.1

sources: VULHUB: VHN-169386 // JVNDB: JVNDB-2020-004955 // CNNVD: CNNVD-202004-543 // NVD: CVE-2020-1632

REFERENCES

url:https://kb.juniper.net/jsa11013

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-1632

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1632

Trust: 0.8

url:https://vigilance.fr/vulnerability/junos-os-denial-of-service-via-bgp-update-31976

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1271/

Trust: 0.6

sources: VULHUB: VHN-169386 // JVNDB: JVNDB-2020-004955 // CNNVD: CNNVD-202004-543 // NVD: CVE-2020-1632

SOURCES

db: VULHUB, id: VHN-169386
db: JVNDB, id: JVNDB-2020-004955
db: CNNVD, id: CNNVD-202004-543
db: NVD, id: CVE-2020-1632

LAST UPDATE DATE

2024-11-23T20:38:41.047000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-169386, date: 2021-10-25T00:00:00
db: JVNDB, id: JVNDB-2020-004955, date: 2020-06-03T00:00:00
db: CNNVD, id: CNNVD-202004-543, date: 2020-05-07T00:00:00
db: NVD, id: CVE-2020-1632, date: 2024-11-21T05:11:02.687

SOURCES RELEASE DATE

db: VULHUB, id: VHN-169386, date: 2020-04-15T00:00:00
db: JVNDB, id: JVNDB-2020-004955, date: 2020-06-03T00:00:00
db: CNNVD, id: CNNVD-202004-543, date: 2020-04-09T00:00:00
db: NVD, id: CVE-2020-1632, date: 2020-04-15T21:15:35.043