PT-2020-4368 · Juniper Networks · Junos

Published 2020-10-16 · Updated 2021-02-05 · CVE-2020-1682

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:
Junos OS versions prior to 15.1X49-D220 on SRX1500, SRX4100, SRX4200, vSRX
Junos OS versions prior to 17.4R3-S3 on SRX1500, SRX4100, SRX4200, vSRX
Junos OS versions prior to 18.1R3-S11 on SRX1500, SRX4100, SRX4200, vSRX, NFX150
Junos OS versions prior to 18.2R3-S5 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250
Junos OS versions prior to 18.3R2-S4, 18.3R3-S3 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250
Junos OS versions prior to 18.4R2-S5, 18.4R3-S4 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250
Junos OS versions prior to 19.1R3-S2 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250
Junos OS versions prior to 19.2R1-S5, 19.2R3 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250

Description: An input validation issue exists, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue affects the SRX1500, SRX4100, SRX4200, NFX150, NFX250, and vSRX-based platforms.

Recommendations:
For Junos OS versions prior to 15.1X49-D220, update to version 15.1X49-D220 or later.
For Junos OS versions prior to 17.4R3-S3, update to version 17.4R3-S3 or later.
For Junos OS versions prior to 18.1R3-S11, update to version 18.1R3-S11 or later.
For Junos OS versions prior to 18.2R3-S5, update to version 18.2R3-S5 or later.
For Junos OS versions prior to 18.3R2-S4, 18.3R3-S3, update to version 18.3R2-S4, 18.3R3-S3 or later.
For Junos OS versions prior to 18.4R2-S5, 18.4R3-S4, update to version 18.4R2-S5, 18.4R3-S4 or later.
For Junos OS versions prior to 19.1R3-S2, update to version 19.1R3-S2 or later.
For Junos OS versions prior to 19.2R1-S5, 19.2R3, update to version 19.2R1-S5, 19.2R3 or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2020-04878
CVE-2020-1682

Affected Products

Junos