PT-2020-5898 · Juniper Networks · Junos Evolved+1

Published: 2020-07-08 · Updated: 2020-07-24 · CVE-2020-1644

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:
Junos OS versions 17.2X75 through 17.2X75-D105.18
Junos OS versions 17.3 through 17.3R3-S7
Junos OS versions 17.4 through 17.4R2-S9
Junos OS versions 18.1 through 18.1R3-S9
Junos OS versions 18.2 through 18.2R2-S6
Junos OS versions 18.2X75 through 18.2X75-D12
Junos OS versions 18.3 through 18.3R2-S3
Junos OS versions 18.4 through 18.4R1-S6
Junos OS versions 19.1 through 19.1R1-S4
Junos OS versions 19.2 through 19.2R1-S4
Junos OS versions 19.3 through 19.3R2-S1
Junos OS versions 19.4 through 19.4R1-S1
Junos OS Evolved versions prior to 20.1R2-EVO

Description: The issue stems from insufficient input validation in the Routing Protocols Daemon (RPD) of Junos OS and Junos OS Evolved, which a remote attacker can exploit to cause a denial of service. Receipt of a specific BGP UPDATE packet can cause an internal counter to be incremented incorrectly, causing the routing protocols process (RPD) to crash and restart. This issue affects both IBGP and EBGP multihop deployments in IPv4 or IPv6 networks.

Recommendations:
For Junos OS versions 17.2X75 through 17.2X75-D105.18, update to version 17.2X75-D105.19 or later.
For Junos OS versions 17.3 through 17.3R3-S7, update to version 17.3R3-S8 or later.
For Junos OS versions 17.4 through 17.4R2-S9, update to version 17.4R2-S10 or later.
For Junos OS versions 18.1 through 18.1R3-S9, update to version 18.1R3-S10 or later.
For Junos OS versions 18.2 through 18.2R2-S6, update to version 18.2R2-S7 or later.
For Junos OS versions 18.2X75 through 18.2X75-D12, update to version 18.2X75-D13 or later.
For Junos OS versions 18.3 through 18.3R2-S3, update to version 18.3R2-S4 or later.
For Junos OS versions 18.4 through 18.4R1-S6, update to version 18.4R1-S7 or later.
For Junos OS versions 19.1 through 19.1R1-S4, update to version 19.1R1-S5 or later.
For Junos OS versions 19.2 through 19.2R1-S4, update to version 19.2R1-S5 or later.
For Junos OS versions 19.3 through 19.3R2-S1, update to version 19.3R2-S2 or later.
For Junos OS versions 19.4 through 19.4R1-S1, update to version 19.4R1-S2 or later.
For Junos OS Evolved versions prior to 20.1R2-EVO, update to version 20.1R2-EVO or later.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2021-01992
CVE-2020-1644

Affected Products

Junos
Junos Evolved