ID

VAR-202010-0715


CVE

CVE-2020-1683


TITLE

Juniper Networks Junos OS Vulnerabilities in lack of free memory after expiration

Trust: 0.8

sources: JVNDB: JVNDB-2020-012135

DESCRIPTION

On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash, other processes might be impacted; for example, SSH connections to the device may fail to establish.

The administrator can monitor the output of the following command to check whether there is a memory leak caused by this issue:

    user@device> show system virtual-memory | match "pfe_ipc|kmem"
    pfe_ipc 147 5K - 164352 16,32,64,8192 <-- increasing
    vm.kmem_map_free: 127246336 <-- decreasing
    pfe_ipc 0 0K - 18598 32,8192
    vm.kmem_map_free: 134582272

This issue affects Juniper Networks Junos OS:

    17.4R3;
    18.1 version 18.1R3-S5 and later versions prior to 18.1R3-S10;
    18.2 version 18.2R3 and later versions prior to 18.2R3-S3;
    18.2X75 version 18.2X75-D420, 18.2X75-D50 and later versions prior to 18.2X75-D430, 18.2X75-D53, 18.2X75-D60;
    18.3 version 18.3R3 and later versions prior to 18.3R3-S2;
    18.4 version 18.4R1-S4, 18.4R2 and later versions prior to 18.4R2-S5, 18.4R3-S1;
    19.1 version 19.1R2 and later versions prior to 19.1R2-S2, 19.1R3;
    19.2 version 19.2R1 and later versions prior to 19.2R1-S5, 19.2R2;
    19.3 versions prior to 19.3R2-S5, 19.3R3;
    19.4 versions prior to 19.4R1-S3, 19.4R2.

This issue does not affect Juniper Networks Junos OS prior to 17.4R3.

The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Junos OS that could allow an attacker to trigger a denial of service by triggering a fatal error on an SNMP poll.

Trust: 1.8

sources: NVD: CVE-2020-1683 // JVNDB: JVNDB-2020-012135 // VULHUB: VHN-169947 // VULMON: CVE-2020-1683

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 18.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 17.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.2x75

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.4

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.3

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 18.3

Trust: 1.0

vendor: Juniper Networks, model: junos os, scope: eq, version: -

Trust: 0.8

vendor: Juniper Networks, model: junos os, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-012135 // NVD: CVE-2020-1683

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1683
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2020-1683
value: HIGH

Trust: 1.0

NVD: CVE-2020-1683
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202010-684
value: HIGH

Trust: 0.6

VULHUB: VHN-169947
value: HIGH

Trust: 0.1

VULMON: CVE-2020-1683
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-1683
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-169947
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sirt@juniper.net: CVE-2020-1683
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2020-012135
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-169947 // VULMON: CVE-2020-1683 // JVNDB: JVNDB-2020-012135 // CNNVD: CNNVD-202010-684 // NVD: CVE-2020-1683 // NVD: CVE-2020-1683

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.1

problemtype:Lack of free memory after expiration (CWE-401) [NVD Evaluation]

Trust: 0.8

sources: VULHUB: VHN-169947 // JVNDB: JVNDB-2020-012135 // NVD: CVE-2020-1683

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-684

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202010-684

PATCH

title: JSA11080, url: https://kb.juniper.net/JSA11080

Trust: 0.8

title: Juniper Networks Junos OS Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=130754

Trust: 0.6

sources: JVNDB: JVNDB-2020-012135 // CNNVD: CNNVD-202010-684

EXTERNAL IDS

db: NVD, id: CVE-2020-1683

Trust: 2.6

db: JUNIPER, id: JSA11080

Trust: 1.8

db: JVNDB, id: JVNDB-2020-012135

Trust: 0.8

db: CNNVD, id: CNNVD-202010-684

Trust: 0.7

db: AUSCERT, id: ESB-2020.3736

Trust: 0.6

db: VULHUB, id: VHN-169947

Trust: 0.1

db: VULMON, id: CVE-2020-1683

Trust: 0.1

sources: VULHUB: VHN-169947 // VULMON: CVE-2020-1683 // JVNDB: JVNDB-2020-012135 // CNNVD: CNNVD-202010-684 // NVD: CVE-2020-1683

REFERENCES

url:https://kb.juniper.net/jsa11080

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-1683

Trust: 1.4

url:https://vigilance.fr/vulnerability/junos-os-memory-leak-via-snmp-polling-33721

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3736/

Trust: 0.6

url:https://vigilance.fr/vulnerability/junos-os-denial-of-service-via-snmp-polling-33597

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/401.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/189909

Trust: 0.1

sources: VULHUB: VHN-169947 // VULMON: CVE-2020-1683 // JVNDB: JVNDB-2020-012135 // CNNVD: CNNVD-202010-684 // NVD: CVE-2020-1683

SOURCES

db: VULHUB, id: VHN-169947
db: VULMON, id: CVE-2020-1683
db: JVNDB, id: JVNDB-2020-012135
db: CNNVD, id: CNNVD-202010-684
db: NVD, id: CVE-2020-1683

LAST UPDATE DATE

2024-08-14T15:43:06.752000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-169947, date: 2020-10-28T00:00:00
db: VULMON, id: CVE-2020-1683, date: 2020-10-28T00:00:00
db: JVNDB, id: JVNDB-2020-012135, date: 2021-04-26T07:28:00
db: CNNVD, id: CNNVD-202010-684, date: 2020-10-30T00:00:00
db: NVD, id: CVE-2020-1683, date: 2020-10-28T17:05:07.863

SOURCES RELEASE DATE

db: VULHUB, id: VHN-169947, date: 2020-10-16T00:00:00
db: VULMON, id: CVE-2020-1683, date: 2020-10-16T00:00:00
db: JVNDB, id: JVNDB-2020-012135, date: 2021-04-26T00:00:00
db: CNNVD, id: CNNVD-202010-684, date: 2020-10-15T00:00:00
db: NVD, id: CVE-2020-1683, date: 2020-10-16T21:15:14.007