Sign-up

ID

VAR-202007-0726


CVE

CVE-2020-1653


TITLE

Juniper Networks Junos OS Buffer error vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-008321

DESCRIPTION

On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore). This issue can be trigged by IPv4 or IPv6 and it is caused only by TCP packets. This issue is not related to any specific configuration and it affects Junos OS releases starting from 17.4R1. However, this issue does not affect Junos OS releases prior to 18.2R1 when Nonstop active routing (NSR) is configured [edit routing-options nonstop-routing]. The number of mbufs is platform dependent. The following command provides the number of mbufs counter that are currently in use and maximum number of mbufs that can be allocated on a platform: user@host> show system buffers 2437/3143/5580 mbufs in use (current/cache/total) Once the device runs out of mbufs, the FPC crashes or the vmcore occurs and the device might become inaccessible requiring a manual restart. This issue affects Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R2-S7, 18.2R3-S5; 18.2X75 versions prior to 18.2X75-D41, 18.2X75-D420.12, 18.2X75-D51, 18.2X75-D60, 18.2X75-D34; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3-S1; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2. Versions of Junos OS prior to 17.4R1 are unaffected by this vulnerability. Juniper Networks Junos OS Exists in a buffer error vulnerability.Service operation interruption (DoS) It may be put into a state. Juniper Networks Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware equipment. The operating system provides a secure programming interface and Junos SDK. The following products and versions are affected: Juniper Networks Junos OS Release 17.4, Release 18.1, Release 18.2, Release 18.2X75, Release 18.3, Release 18.4, Release 19.1, Release 19.2, Release 19.3, Release 19.4

Trust: 1.71

sources: NVD: CVE-2020-1653 // JVNDB: JVNDB-2020-008321 // VULHUB: VHN-169617

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:19.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.2x75

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.0

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-008321 // NVD: CVE-2020-1653

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1653
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2020-1653
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-008321
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202007-425
value: HIGH

Trust: 0.6

VULHUB: VHN-169617
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-1653
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-008321
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-169617
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-1653
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: JVNDB-2020-008321
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-169617 // JVNDB: JVNDB-2020-008321 // CNNVD: CNNVD-202007-425 // NVD: CVE-2020-1653 // NVD: CVE-2020-1653

PROBLEMTYPE DATA

problemtype:CWE-772

Trust: 1.1

problemtype:CWE-159

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-169617 // JVNDB: JVNDB-2020-008321 // NVD: CVE-2020-1653

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-425

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202007-425

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008321

PATCH
title:JSA11040url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11040&actp=METADATA
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-008321

EXTERNAL IDS
db:NVDid:CVE-2020-1653
Trust: 2.5
db:JUNIPERid:JSA11040
Trust: 1.7
db:JVNDBid:JVNDB-2020-008321
Trust: 0.8
db:CNNVDid:CNNVD-202007-425
Trust: 0.7
db:AUSCERTid:ESB-2020.2496
Trust: 0.6
db:CNVDid:CNVD-2020-43755
Trust: 0.1
db:VULHUBid:VHN-169617
Trust: 0.1
sources:
            
            
            VULHUB: VHN-169617 // 
            
            
            
            JVNDB: JVNDB-2020-008321 // 
            
            
            
            CNNVD: CNNVD-202007-425 // 
            
            
            
            NVD: CVE-2020-1653

REFERENCES
url:https://kb.juniper.net/jsa11040
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-1653
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1653
Trust: 0.8
url:https://vigilance.fr/vulnerability/junos-os-memory-leak-via-mbuf-32779
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2496/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-169617 // 
            
            
            
            JVNDB: JVNDB-2020-008321 // 
            
            
            
            CNNVD: CNNVD-202007-425 // 
            
            
            
            NVD: CVE-2020-1653

SOURCES
db:VULHUBid:VHN-169617
db:JVNDBid:JVNDB-2020-008321
db:CNNVDid:CNNVD-202007-425
db:NVDid:CVE-2020-1653

LAST UPDATE DATE
2024-11-23T22:44:28.995000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-169617date:2021-10-19T00:00:00
db:JVNDBid:JVNDB-2020-008321date:2020-09-08T00:00:00
db:CNNVDid:CNNVD-202007-425date:2021-10-20T00:00:00
db:NVDid:CVE-2020-1653date:2024-11-21T05:11:05.537

SOURCES RELEASE DATE
db:VULHUBid:VHN-169617date:2020-07-17T00:00:00
db:JVNDBid:JVNDB-2020-008321date:2020-09-08T00:00:00
db:CNNVDid:CNNVD-202007-425date:2020-07-09T00:00:00
db:NVDid:CVE-2020-1653date:2020-07-17T19:15:13.890