CVE-2020-1602

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 15.1R7-S6 Junos OS versions 15.1X49 prior to 15.1X49-D200 Junos OS versions 15.1X53 prior to 15.1X53-D592 Junos OS versions 16.1 prior to 16.1R7-S6 Junos OS versions 16.2 prior to 16.2R2-S11 Junos OS versions 17.1 prior to 17.1R2-S11, 17.1R3-S1 Junos OS versions 17.2 prior to 17.2R2-S8, 17.2R3-S3 Junos OS versions 17.3 prior to 17.3R3-S6 Junos OS versions 17.4 prior to 17.4R2-S7, 17.4R3 Junos OS versions 18.1 prior to 18.1R3-S8 Junos OS versions 18.2 prior to 18.2R3-S2 Junos OS versions 18.2X75 prior to 18.2X75-D60 Junos OS versions 18.3 prior to 18.3R1-S6, 18.3R2-S2, 18.3R3 Junos OS versions 18.4 prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 Junos OS versions 19.1 prior to 19.1R1-S3, 19.1R2 Junos OS versions 19.2 prior to 19.2R1-S3, 19.2R2 Junos OS Evolved versions prior to 19.3R1

Description The issue is related to the Dynamic Host Configuration Protocol Daemon (JDHCPD) process in Junos OS, which is vulnerable to an attacker sending crafted IPv4 packets, allowing remote code execution with root privileges. This issue affects IPv4 JDHCPD services when configured in relay mode.

Recommendations For Junos OS versions prior to 15.1R7-S6, update to version 15.1R7-S6 or later. For Junos OS versions 15.1X49 prior to 15.1X49-D200, update to version 15.1X49-D200 or later. For Junos OS versions 15.1X53 prior to 15.1X53-D592, update to version 15.1X53-D592 or later. For Junos OS versions 16.1 prior to 16.1R7-S6, update to version 16.1R7-S6 or later. For Junos OS versions 16.2 prior to 16.2R2-S11, update to version 16.2R2-S11 or later. For Junos OS versions 17.1 prior to 17.1R2-S11, 17.1R3-S1, update to version 17.1R2-S11, 17.1R3-S1 or later. For Junos OS versions 17.2 prior to 17.2R2-S8, 17.2R3-S3, update to version 17.2R2-S8, 17.2R3-S3 or later. For Junos OS versions 17.3 prior to 17.3R3-S6, update to version 17.3R3-S6 or later. For Junos OS versions 17.4 prior to 17.4R2-S7, 17.4R3, update to version 17.4R2-S7, 17.4R3 or later. For Junos OS versions 18.1 prior to 18.1R3-S8, update to version 18.1R3-S8 or later. For Junos OS versions 18.2 prior to 18.2R3-S2, update to version 18.2R3-S2 or later. For Junos OS versions 18.2X75 prior to 18.2X75-D60, update to version 18.2X75-D60 or later. For Junos OS versions 18.3 prior to 18.3R1-S6, 18.3R2-S2, 18.3R3, update to version 18.3R1-S6, 18.3R2-S2, 18.3R3 or later. For Junos OS versions 18.4 prior to 18.4R1-S5, 18.4R2-S3, 18.4R3, update to version 18.4R1-S5, 18.4R2-S3, 18.4R3 or later. For Junos OS versions 19.1 prior to 19.1R1-S3, 19.1R2, update to version 19.1R1-S3, 19.1R2 or later. For Junos OS versions 19.2 prior to 19.2R1-S3, 19.2R2, update to version 19.2R1-S3, 19.2R2 or later. For Junos OS Evolved versions prior to 19.3R1, update to version 19.3R1 or later.