CVE-2020-1667

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 17.3R3-S8 Juniper Networks Junos OS versions prior to 18.3R3-S1 Juniper Networks Junos OS versions prior to 18.4R3 Juniper Networks Junos OS versions prior to 19.1R3 Juniper Networks Junos OS versions prior to 19.2R2 Juniper Networks Junos OS versions prior to 19.3R3

Description: The issue is related to a race condition in the Multiservices PIC Management Daemon (mspmand) process when DNS filtering is enabled on Juniper Networks Junos MX Series with certain cards. This can cause the mspmand process to crash, leading to a restart of the Services PIC, and bypassing of all PIC services, including DNS filtering, until the Services PIC completes its boot process. The vulnerability can be exploited remotely, potentially affecting the confidentiality, integrity, and availability of protected information.

Recommendations: For Juniper Networks Junos OS versions prior to 17.3R3-S8, update to 17.3R3-S8 or later. For Juniper Networks Junos OS versions prior to 18.3R3-S1, update to 18.3R3-S1 or later. For Juniper Networks Junos OS versions prior to 18.4R3, update to 18.4R3 or later. For Juniper Networks Junos OS versions prior to 19.1R3, update to 19.1R3 or later. For Juniper Networks Junos OS versions prior to 19.2R2, update to 19.2R2 or later. For Juniper Networks Junos OS versions prior to 19.3R3, update to 19.3R3 or later.