CVE-2020-1662

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 17.2R3-S3 through 20.1R1-S1 Juniper Networks Junos OS versions 17.3R3-S3 through 17.3R3-S7 Juniper Networks Junos OS versions 17.4R2-S4 through 17.4R2-S9 Juniper Networks Junos OS versions 17.4R3 through 17.4R3-S1 Juniper Networks Junos OS versions 18.1R3-S6 through 18.1R3-S9 Juniper Networks Junos OS versions 18.2R3 through 18.2R3-S3 Juniper Networks Junos OS versions 18.2X75-D50 through 18.2X75-D52 Juniper Networks Junos OS versions 18.3R2 through 18.3R2-S3 Juniper Networks Junos OS versions 18.3R3 through 18.3R3-S1 Juniper Networks Junos OS versions 18.4R2 through 18.4R2-S4 Juniper Networks Junos OS versions 18.4R3 through 18.4R3-S1 Juniper Networks Junos OS versions 19.1R1 through 19.1R1-S1 Juniper Networks Junos OS versions 19.1R2 through 19.1R2-S1 Juniper Networks Junos OS versions 19.2R1 through 19.2R1-S4 Juniper Networks Junos OS versions 19.2R2 through 19.2R2 Juniper Networks Junos OS versions 19.3 through 19.3R2-S2 Juniper Networks Junos OS versions 19.3R3 through 19.3R3 Juniper Networks Junos OS versions 19.4 through 19.4R1-S2 Juniper Networks Junos OS versions 19.4R2 through 19.4R2 Juniper Networks Junos OS versions 20.1 through 20.1R1-S1 Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO

Description The issue is related to BGP session flapping, which can cause a routing process daemon crash and restart. This occurs when BGP damping is used in combination with an accepted-prefix-limit configuration. The issue is identified by specific messages in the /var/log/messages, including rpd[6046]: %DAEMON-4-BGP PREFIX THRESH EXCEEDED and rpd[6046]: %DAEMON-3-BGP CEASE PREFIX LIMIT EXCEEDED. The issue affects devices with configured BGP peers.

Recommendations For Juniper Networks Junos OS version 17.2R3-S3, update to version 17.2R3-S4 or later. For Juniper Networks Junos OS version 17.3R3-S3, update to version 17.3R3-S8 or later. For Juniper Networks Junos OS version 17.4R2-S4, update to version 17.4R2-S10 or later. For Juniper Networks Junos OS version 17.4R3, update to version 17.4R3-S2 or later. For Juniper Networks Junos OS version 18.1R3-S6, update to version 18.1R3-S10 or later. For Juniper Networks Junos OS version 18.2R3, update to version 18.2R3-S4 or later. For Juniper Networks Junos OS version 18.2X75-D50, update to version 18.2X75-D53 or later. For Juniper Networks Junos OS version 18.3R2, update to version 18.3R2-S4 or later. For Juniper Networks Junos OS version 18.3R3, update to version 18.3R3-S2 or later. For Juniper Networks Junos OS version 18.4R2, update to version 18.4R2-S5 or later. For Juniper Networks Junos OS version 18.4R3, update to version 18.4R3-S2 or later. For Juniper Networks Junos OS version 19.1R1, update to version 19.1R2-S2 or later. For Juniper Networks Junos OS version 19.1R2, update to version 19.1R3-S1 or later. For Juniper Networks Junos OS version 19.2R1, update to version 19.2R1-S5 or later. For Juniper Networks Junos OS version 19.2R2, update to version 19.2R2 or later. For Juniper Networks Junos OS version 19.3, update to version 19.3R2-S3 or later. For Juniper Networks Junos OS version 19.3R3, update to version 19.3R3 or later. For Juniper Networks Junos OS version 19.4, update to version 19.4R1-S3 or later. For Juniper Networks Junos OS version 19.4R2, update to version 19.4R2 or later. For Juniper Networks Junos OS version 20.1, update to version 20.1R1-S2 or later. For Juniper Networks Junos OS Evolved, update to version 20.1R2-EVO or later.