ID

VAR-202010-0387


CVE

CVE-2020-1660


TITLE

Vulnerability in Junos OS running on Juniper Networks Junos MX Series

Trust: 0.8

sources: JVNDB: JVNDB-2020-012631

DESCRIPTION

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, the Multiservices PIC Management Daemon (mspmand) process, which is responsible for managing the "URL Filtering service", may crash while processing an incoming stream of packets, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services, including the DNS filtering service (DNS sinkholing), are bypassed until the Services PIC completes its boot process. This vulnerability might allow an attacker to cause an extended Denial of Service (DoS) attack against the device and to cause clients to be vulnerable to DNS-based attacks by malicious DNS servers when they send DNS requests through the device. As a result, devices which were once protected by the DNS Filtering service are no longer protected and are at risk of exploitation.

This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R3; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R3. This issue does not affect Juniper Networks Junos OS 17.4, 18.1, and 18.2.

Junos OS running on the Juniper Networks Junos MX Series contains an unspecified vulnerability. Information may be obtained, information may be tampered with, and service may be disrupted (DoS). The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Junos OS on MX that could be exploited by an attacker to trigger a fatal error through DNS filtering, resulting in a denial of service.

Trust: 1.8

sources: NVD: CVE-2020-1660 // JVNDB: JVNDB-2020-012631 // VULHUB: VHN-169694 // VULMON: CVE-2020-1660

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 17.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.3

Trust: 1.0

vendor: Juniper Networks, model: junos os, scope: eq, version: -

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 17.3r3-s8 less than 17.3

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 18.3r3-s1 less than 18.3

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 18.4r3 less than 18.4

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 19.1r3 less than 19.1

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 19.2r2 less than 19.2

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: lt, version: 19.3r3 less than 19.3

Trust: 0.8

sources: JVNDB: JVNDB-2020-012631 // NVD: CVE-2020-1660

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1660
value: CRITICAL

Trust: 1.0

sirt@juniper.net: CVE-2020-1660
value: HIGH

Trust: 1.0

NVD: CVE-2020-1660
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202010-649
value: CRITICAL

Trust: 0.6

VULHUB: VHN-169694
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-1660
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-1660
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-169694
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-1660
baseSeverity: CRITICAL
baseScore: 9.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.3
version: 3.1

Trust: 1.0

sirt@juniper.net: CVE-2020-1660
baseSeverity: HIGH
baseScore: 8.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.7
version: 3.1

Trust: 1.0

NVD: CVE-2020-1660
baseSeverity: CRITICAL
baseScore: 9.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-169694 // VULMON: CVE-2020-1660 // JVNDB: JVNDB-2020-012631 // CNNVD: CNNVD-202010-649 // NVD: CVE-2020-1660 // NVD: CVE-2020-1660

PROBLEMTYPE DATA

problemtype: NVD-CWE-noinfo

Trust: 1.0

problemtype: CWE-362

Trust: 1.0

problemtype: Lack of information (CWE-noinfo) [NVD Evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2020-012631 // NVD: CVE-2020-1660

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-649

TYPE

race condition

Trust: 0.6

sources: CNNVD: CNNVD-202010-649

PATCH

title: JSA11054, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11054&actp=METADATA

Trust: 0.8

title: Fix for the race condition vulnerability in Juniper Networks Junos OS MX, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131299

Trust: 0.6

sources: JVNDB: JVNDB-2020-012631 // CNNVD: CNNVD-202010-649

EXTERNAL IDS

db: NVD, id: CVE-2020-1660

Trust: 2.6

db: JUNIPER, id: JSA11054

Trust: 1.8

db: JVNDB, id: JVNDB-2020-012631

Trust: 0.8

db: AUSCERT, id: ESB-2020.3550

Trust: 0.6

db: CNNVD, id: CNNVD-202010-649

Trust: 0.6

db: VULHUB, id: VHN-169694

Trust: 0.1

db: VULMON, id: CVE-2020-1660

Trust: 0.1

sources: VULHUB: VHN-169694 // VULMON: CVE-2020-1660 // JVNDB: JVNDB-2020-012631 // CNNVD: CNNVD-202010-649 // NVD: CVE-2020-1660

REFERENCES

url:https://kb.juniper.net/jsa11054

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-1660

Trust: 1.4

url:https://vigilance.fr/vulnerability/junos-os-mx-denial-of-service-via-dns-filtering-33578

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3550/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/189898

Trust: 0.1

sources: VULHUB: VHN-169694 // VULMON: CVE-2020-1660 // JVNDB: JVNDB-2020-012631 // CNNVD: CNNVD-202010-649 // NVD: CVE-2020-1660

SOURCES

db: VULHUB, id: VHN-169694
db: VULMON, id: CVE-2020-1660
db: JVNDB, id: JVNDB-2020-012631
db: CNNVD, id: CNNVD-202010-649
db: NVD, id: CVE-2020-1660

LAST UPDATE DATE

2024-08-14T14:18:45.925000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-169694, date: 2020-10-28T00:00:00
db: VULMON, id: CVE-2020-1660, date: 2020-10-28T00:00:00
db: JVNDB, id: JVNDB-2020-012631, date: 2021-05-18T04:55:00
db: CNNVD, id: CNNVD-202010-649, date: 2020-10-29T00:00:00
db: NVD, id: CVE-2020-1660, date: 2020-10-28T18:00:47.847

SOURCES RELEASE DATE

db: VULHUB, id: VHN-169694, date: 2020-10-16T00:00:00
db: VULMON, id: CVE-2020-1660, date: 2020-10-16T00:00:00
db: JVNDB, id: JVNDB-2020-012631, date: 2021-05-18T00:00:00
db: CNNVD, id: CNNVD-202010-649, date: 2020-10-15T00:00:00
db: NVD, id: CVE-2020-1660, date: 2020-10-16T21:15:12.300