Sign-up

ID

VAR-202007-0727


CVE

CVE-2020-1654


TITLE

Juniper Networks Junos OS Classic buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-008322

DESCRIPTION

On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1. Juniper Networks Junos OS Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. The operating system provides a secure programming interface and Junos SDK. An attacker could exploit this vulnerability to cause a denial of service and execute code. The following products and versions are affected: Juniper Networks Junos OS Release 18.1, Release 18.2, Release 18.3, Release 18.4, Release 19.1, Release 19.2, Release 19.3

Trust: 1.71

sources: NVD: CVE-2020-1654 // JVNDB: JVNDB-2020-008322 // VULHUB: VHN-169628

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.3

Trust: 1.0

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-008322 // NVD: CVE-2020-1654

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1654
value: CRITICAL

Trust: 1.0

sirt@juniper.net: CVE-2020-1654
value: CRITICAL

Trust: 1.0

NVD: JVNDB-2020-008322
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202007-412
value: CRITICAL

Trust: 0.6

VULHUB: VHN-169628
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-1654
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-008322
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-169628
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-1654
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: JVNDB-2020-008322
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-169628 // JVNDB: JVNDB-2020-008322 // CNNVD: CNNVD-202007-412 // NVD: CVE-2020-1654 // NVD: CVE-2020-1654

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.9

sources: VULHUB: VHN-169628 // JVNDB: JVNDB-2020-008322 // NVD: CVE-2020-1654

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-412

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-412

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008322

PATCH
title:JSA11031url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11031&actp=METADATA
Trust: 0.8
title:Juniper Networks Junos OS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123549
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-008322 // 
            
            
            
            CNNVD: CNNVD-202007-412

EXTERNAL IDS
db:NVDid:CVE-2020-1654
Trust: 2.5
db:JUNIPERid:JSA11031
Trust: 1.7
db:JVNDBid:JVNDB-2020-008322
Trust: 0.8
db:CNNVDid:CNNVD-202007-412
Trust: 0.7
db:AUSCERTid:ESB-2020.2347.2
Trust: 0.6
db:AUSCERTid:ESB-2020.2347
Trust: 0.6
db:CNVDid:CNVD-2020-49036
Trust: 0.1
db:VULHUBid:VHN-169628
Trust: 0.1
sources:
            
            
            VULHUB: VHN-169628 // 
            
            
            
            JVNDB: JVNDB-2020-008322 // 
            
            
            
            CNNVD: CNNVD-202007-412 // 
            
            
            
            NVD: CVE-2020-1654

REFERENCES
url:https://kb.juniper.net/jsa11031
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-1654
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1654
Trust: 0.8
url:https://vigilance.fr/vulnerability/junos-os-srx-code-execution-via-http-icap-redirect-service-32771
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2347/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2020.2347.2/
Trust: 0.6
sources:
            
            
            VULHUB: VHN-169628 // 
            
            
            
            JVNDB: JVNDB-2020-008322 // 
            
            
            
            CNNVD: CNNVD-202007-412 // 
            
            
            
            NVD: CVE-2020-1654

SOURCES
db:VULHUBid:VHN-169628
db:JVNDBid:JVNDB-2020-008322
db:CNNVDid:CNNVD-202007-412
db:NVDid:CVE-2020-1654

LAST UPDATE DATE
2024-08-14T14:11:42.073000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-169628date:2021-02-05T00:00:00
db:JVNDBid:JVNDB-2020-008322date:2020-09-08T00:00:00
db:CNNVDid:CNNVD-202007-412date:2020-07-27T00:00:00
db:NVDid:CVE-2020-1654date:2021-02-05T16:49:04.023

SOURCES RELEASE DATE
db:VULHUBid:VHN-169628date:2020-07-17T00:00:00
db:JVNDBid:JVNDB-2020-008322date:2020-09-08T00:00:00
db:CNNVDid:CNNVD-202007-412date:2020-07-09T00:00:00
db:NVDid:CVE-2020-1654date:2020-07-17T19:15:13.983