PT-2020-5931 · Juniper Networks · Junos

Published: 2020-07-08 · Updated: 2020-07-24 · CVE-2020-1647
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
  Junos OS versions prior to 18.1R3-S9
  Junos OS versions prior to 18.2R3-S3
  Junos OS versions prior to 18.3R2-S4
  Junos OS versions prior to 18.3R3-S1
  Junos OS versions prior to 18.4R2-S5
  Junos OS versions prior to 18.4R3
  Junos OS versions prior to 19.1R2
  Junos OS versions prior to 19.2R1-S2
  Junos OS versions prior to 19.2R2
  Junos OS versions prior to 19.3R2
Description: The issue is a double free vulnerability in the implementation of the Internet Content Adaptation Protocol (ICAP) in Junos OS on SRX Series devices. A remote attacker can exploit it, potentially elevating privileges, executing arbitrary code, or causing a denial of service. The vulnerability is triggered when a specific HTTP message is processed; the message can originate from either the HTTP server or the client, and the result may be an extended denial of service.
Recommendations: Update to the fixed release for your branch or later:
  Junos OS versions prior to 18.1R3-S9: update to 18.1R3-S9 or later.
  Junos OS versions prior to 18.2R3-S3: update to 18.2R3-S3 or later.
  Junos OS versions prior to 18.3R2-S4: update to 18.3R2-S4 or later.
  Junos OS versions prior to 18.3R3-S1: update to 18.3R3-S1 or later.
  Junos OS versions prior to 18.4R2-S5: update to 18.4R2-S5 or later.
  Junos OS versions prior to 18.4R3: update to 18.4R3 or later.
  Junos OS versions prior to 19.1R2: update to 19.1R2 or later.
  Junos OS versions prior to 19.2R1-S2: update to 19.2R1-S2 or later.
  Junos OS versions prior to 19.2R2: update to 19.2R2 or later.
  Junos OS versions prior to 19.3R2: update to 19.3R2 or later.
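As an added check for the recommendations above (example code, not from Positive Technologies or Juniper): a Python comparison that reports whether a running Junos release is prior to one of the fixed releases listed for its branch. The version grammar and the handling of branches that carry two fixes (18.3, 18.4, 19.2) are assumptions; the advisory's scope (ICAP on SRX Series devices) still applies to any version the check flags.

```python
import re
from typing import Optional, Tuple

# Fixed releases copied from the PT-2020-5931 / CVE-2020-1647 recommendations.
FIXED_RELEASES = [
    "18.1R3-S9", "18.2R3-S3", "18.3R2-S4", "18.3R3-S1", "18.4R2-S5",
    "18.4R3", "19.1R2", "19.2R1-S2", "19.2R2", "19.3R2",
]

# Assumed grammar: <major>.<minor>R<release>[.<build>][-S<service>[.<build>]]
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.\d+)?(?:-S(\d+)(?:\.\d+)?)?$")


def parse_junos_version(version: str) -> Optional[Tuple[int, int, int, int]]:
    """Return (major, minor, R, S) for e.g. '18.3R2-S4' or '19.3R2.9'.

    S defaults to 0 when absent, so 18.4R3 sorts below 18.4R3-S1; build
    suffixes are ignored. Returns None for forms this grammar does not cover
    (e.g. the 15.1X49-D* train), which the caller must treat as unknown.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, release, service = m.groups()
    return int(major), int(minor), int(release), int(service or 0)


def is_affected(version: str) -> Optional[bool]:
    """True when the version is 'prior to' a fix listed for its branch.

    A branch may carry several fixes (18.3R2-S4 and 18.3R3-S1): a version is
    affected if it is older than the lowest fix whose R number is >= its own,
    so 18.3R2-S5 is fixed, 18.3R3 is affected, 18.3R4 is past every fix.
    None means unparseable or a branch the advisory does not mention; do not
    read that as 'safe'.
    """
    v = parse_junos_version(version)
    if v is None:
        return None
    major, minor, release, service = v
    branch_fixes = [
        f for f in map(parse_junos_version, FIXED_RELEASES)
        if f is not None and f[:2] == (major, minor)
    ]
    if not branch_fixes:
        return None
    later = [f for f in branch_fixes if f[2] >= release]
    if not later:
        return False
    return (release, service) < min(later)[2:]
```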

Tags: Fix · DoS · RCE · Double Free


Weakness Enumeration:

Related Identifiers: BDU:2021-02046 · CVE-2020-1647

Affected Products: Junos