CVE-2020-1665

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 17.2R3-S4 Junos OS versions prior to 17.2X75-D102 Junos OS versions prior to 17.2X75-D110 Junos OS versions prior to 17.3R3-S8 Junos OS versions prior to 17.4R2-S11 Junos OS versions prior to 17.4R3-S2 Junos OS versions prior to 18.2R2-S7 Junos OS versions prior to 18.2R3 Junos OS versions prior to 18.2R3-S3 Junos OS versions prior to 18.2X75-D30 Junos OS versions prior to 18.3R2-S4 Junos OS versions prior to 18.3R3-S2

Description: The issue affects the IPv6 Distributed Denial of Service (DDoS) protection on Juniper Networks MX Series and EX9200 Series, allowing the device to become overwhelmed and disrupting network protocol operations and/or interrupting traffic when under DDoS attack. This issue does not affect IPv4 DDoS protection. The problem is related to the absence of filtering of special elements, which can be exploited by a remote attacker to cause a denial of service by sending specially crafted IPv4 packets.

Recommendations: For Junos OS versions prior to 17.2R3-S4, update to 17.2R3-S4 or later. For Junos OS versions prior to 17.2X75-D102, update to 17.2X75-D102 or later. For Junos OS versions prior to 17.2X75-D110, update to 17.2X75-D110 or later. For Junos OS versions prior to 17.3R3-S8, update to 17.3R3-S8 or later. For Junos OS versions prior to 17.4R2-S11, update to 17.4R2-S11 or later. For Junos OS versions prior to 17.4R3-S2, update to 17.4R3-S2 or later. For Junos OS versions prior to 18.2R2-S7, update to 18.2R2-S7 or later. For Junos OS versions prior to 18.2R3, update to 18.2R3 or later. For Junos OS versions prior to 18.2R3-S3, update to 18.2R3-S3 or later. For Junos OS versions prior to 18.2X75-D30, update to 18.2X75-D30 or later. For Junos OS versions prior to 18.3R2-S4, update to 18.3R2-S4 or later. For Junos OS versions prior to 18.3R3-S2, update to 18.3R3-S2 or later.