CVE-2020-1668

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on EX2300 Series versions prior to 18.1R3-S11 Juniper Networks Junos OS on EX2300 Series versions prior to 18.2R3-S5 Juniper Networks Junos OS on EX2300 Series versions prior to 18.3R2-S4 Juniper Networks Junos OS on EX2300 Series versions prior to 18.3R3-S3 Juniper Networks Junos OS on EX2300 Series versions prior to 18.4R2-S5 Juniper Networks Junos OS on EX2300 Series versions prior to 18.4R3-S4 Juniper Networks Junos OS on EX2300 Series versions prior to 19.1R3-S2 Juniper Networks Junos OS on EX2300 Series versions prior to 19.2R1-S5 Juniper Networks Junos OS on EX2300 Series versions prior to 19.2R3 Juniper Networks Junos OS on EX2300 Series versions prior to 19.3R2-S4 Juniper Networks Junos OS on EX2300 Series versions prior to 19.3R3 Juniper Networks Junos OS on EX2300 Series versions prior to 19.4R1-S3 Juniper Networks Junos OS on EX2300 Series versions prior to 19.4R2-S1 Juniper Networks Junos OS on EX2300 Series versions prior to 19.4R3 Juniper Networks Junos OS on EX2300 Series versions prior to 20.1R1-S2 Juniper Networks Junos OS on EX2300 Series versions prior to 20.1R2

Description The issue occurs when the layer 2 interface of the Juniper Networks EX2300 Series receives a stream of specific multicast packets, causing high CPU load and potentially leading to traffic interruption. Administrators can check for high CPU load by running the commands show chassis routing-engine and show system processes summary, looking for low "Idle" values and high WCPU percentages for the eventd and fxpc processes.

Recommendations To resolve the issue for each affected version, update to the respective fixed version or later. For versions prior to 18.1R3-S11, update to 18.1R3-S11 or later. For versions prior to 18.2R3-S5, update to 18.2R3-S5 or later. For versions prior to 18.3R2-S4, update to 18.3R2-S4 or later. For versions prior to 18.3R3-S3, update to 18.3R3-S3 or later. For versions prior to 18.4R2-S5, update to 18.4R2-S5 or later. For versions prior to 18.4R3-S4, update to 18.4R3-S4 or later. For versions prior to 19.1R3-S2, update to 19.1R3-S2 or later. For versions prior to 19.2R1-S5, update to 19.2R1-S5 or later. For versions prior to 19.2R3, update to 19.2R3 or later. For versions prior to 19.3R2-S4, update to 19.3R2-S4 or later. For versions prior to 19.3R3, update to 19.3R3 or later. For versions prior to 19.4R1-S3, update to 19.4R1-S3 or later. For versions prior to 19.4R2-S1, update to 19.4R2-S1 or later. For versions prior to 19.4R3, update to 19.4R3 or later. For versions prior to 20.1R1-S2, update to 20.1R1-S2 or later. For versions prior to 20.1R2, update to 20.1R2 or later.