PT-2020-4137 · Juniper Networks · Junos
Published: 2020-04-08 · Updated: 2021-11-22 · CVE-2020-1628
CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS versions 14.1X53 through 14.1X53-D52 on EX4300
Juniper Networks Junos OS versions 15.1 through 15.1R7-S5 on EX4300
Juniper Networks Junos OS versions 15.1X49 through 15.1X49-D199 on EX4300
Juniper Networks Junos OS versions 16.1 through 16.1R7-S6 on EX4300
Juniper Networks Junos OS versions 17.1 through 17.1R2-S10 on EX4300
Juniper Networks Junos OS versions 17.2 through 17.2R3-S2 on EX4300
Juniper Networks Junos OS versions 17.3 through 17.3R2-S4 on EX4300
Juniper Networks Junos OS versions 17.4 through 17.4R2-S8 on EX4300
Juniper Networks Junos OS versions 18.1 through 18.1R3-S7 on EX4300
Juniper Networks Junos OS versions 18.2 through 18.2R3-S1 on EX4300
Juniper Networks Junos OS versions 18.3 through 18.3R2-S2 on EX4300
Juniper Networks Junos OS versions 18.4 through 18.4R1-S4 on EX4300
Juniper Networks Junos OS versions 19.1 through 19.1R1-S3 on EX4300
Juniper Networks Junos OS versions 19.2 through 19.2R1-S3 on EX4300
Juniper Networks Junos OS versions 19.3 through 19.3R1-S0 on EX4300
Description:
The issue stems from Junos OS using the 128.0.0.0/2 subnet for internal communications between the Routing Engine (RE) and the Packet Forwarding Engines (PFEs). Packets using these IP addresses may egress an EX4300 switch, potentially leaking configuration information such as heartbeats and kernel versions to the Internet. This could allow a remote attacker to gain unauthorized access to sensitive information.
Recommendations:
Update to version 14.1X53-D53 or later on EX4300
Update to version 15.1R7-S6 or later on EX4300
Update to version 15.1X49-D200 or later on EX4300
Update to version 16.1R7-S7 or later on EX4300
Update to version 17.1R2-S11 or later on EX4300
Update to version 17.2R3-S3 or later on EX4300
Update to version 17.3R2-S5 or later on EX4300
Update to version 17.4R2-S9 or later on EX4300
Update to version 18.1R3-S8 or later on EX4300
Update to version 18.2R3-S2 or later on EX4300
Update to version 18.3R2-S3 or later on EX4300
Update to version 18.4R1-S5 or later on EX4300
Update to version 19.1R1-S4 or later on EX4300
Update to version 19.2R1-S4 or later on EX4300
Update to version 19.3R1-S1 or later on EX4300
Fix
Information Disclosure
Affected Products
Junos