Lucene search

[email protected]CVE-2020-1601

HistoryJan 15, 2020 - 9:15 a.m.

CVE-2020-1601

2020-01-1509:15:11

[email protected]

web.nvd.nist.gov

cve-2020-1601

information security

dos

pcep

juniper networks

junos os

vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

45.6%

JSON

Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper’s path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS). Continued receipt of this family of malformed PCEP packets will cause an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S13, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D496, 15.1X53-D592; 16.1 versions prior to 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9; 17.2 version 17.2R2 and later prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2-S6, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect releases of Junos OS prior to 15.1R1.

Affected configurations

NVD

Node

juniperjunosMatch15.1f6-s12

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1r4

juniperjunosMatch15.1r4-s9

juniperjunosMatch15.1r5

juniperjunosMatch15.1r6

juniperjunosMatch15.1r6-s6

juniperjunosMatch15.1r7-s1

juniperjunosMatch15.1r7-s2

juniperjunosMatch15.1r7-s3

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d210

juniperjunosMatch15.1x53d25

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d31

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d40

juniperjunosMatch15.1x53d45

juniperjunosMatch15.1x53d470

juniperjunosMatch15.1x53d495

juniperjunosMatch15.1x53d56

juniperjunosMatch15.1x53d60

juniperjunosMatch15.1x53d61

juniperjunosMatch15.1x53d62

juniperjunosMatch15.1x53d63

juniperjunosMatch15.1x53d65

juniperjunosMatch15.1x53d70

juniperjunosMatch16.1-

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r3-s10

juniperjunosMatch16.1r4

juniperjunosMatch16.1r5-s4

juniperjunosMatch16.1r6-s1

juniperjunosMatch16.1r7

juniperjunosMatch16.1r7-s2

juniperjunosMatch16.1r7-s3

juniperjunosMatch16.2-

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

juniperjunosMatch16.2r2-s1

juniperjunosMatch16.2r2-s2

juniperjunosMatch16.2r2-s5

juniperjunosMatch16.2r2-s6

juniperjunosMatch16.2r2-s7

juniperjunosMatch16.2r2-s8

juniperjunosMatch17.1-

juniperjunosMatch17.1r1

juniperjunosMatch17.1r2-s1

juniperjunosMatch17.1r2-s10

juniperjunosMatch17.1r2-s2

juniperjunosMatch17.1r2-s3

juniperjunosMatch17.1r2-s4

juniperjunosMatch17.1r2-s5

juniperjunosMatch17.1r2-s6

juniperjunosMatch17.1r2-s7

juniperjunosMatch17.1r2-s9

juniperjunosMatch17.2-

juniperjunosMatch17.2r1-s2

juniperjunosMatch17.2r1-s4

juniperjunosMatch17.2r1-s7

juniperjunosMatch17.2r1-s8

juniperjunosMatch17.2r2-s6

juniperjunosMatch17.2r2-s7

juniperjunosMatch17.2r3-s1

juniperjunosMatch17.3-

juniperjunosMatch17.3r1-s1

juniperjunosMatch17.3r2

juniperjunosMatch17.3r2-s1

juniperjunosMatch17.3r2-s2

juniperjunosMatch17.3r3-s1

juniperjunosMatch17.3r3-s2

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.4-

juniperjunosMatch17.4r1

juniperjunosMatch17.4r1-s1

juniperjunosMatch17.4r1-s2

juniperjunosMatch17.4r1-s4

juniperjunosMatch17.4r1-s6

juniperjunosMatch17.4r1-s7

juniperjunosMatch17.4r2

juniperjunosMatch17.4r2-s1

juniperjunosMatch18.1-

juniperjunosMatch18.1r2

juniperjunosMatch18.1r2-s1

juniperjunosMatch18.1r2-s2

juniperjunosMatch18.1r2-s4

juniperjunosMatch18.1r3

juniperjunosMatch18.2-

juniperjunosMatch18.2r1-s5

juniperjunosMatch18.2r2-s1

juniperjunosMatch18.2r2-s2

juniperjunosMatch18.2r2-s3

juniperjunosMatch18.2r2-s4

juniperjunosMatch18.2x75

juniperjunosMatch18.2x75d20

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

juniperjunosMatch18.3r1-s2

juniperjunosMatch18.3r1-s3

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

Node

junipersrx100Match-

junipersrx110Match-

junipersrx1400Match-

junipersrx1500Match-

junipersrx210Match-

junipersrx220Match-

junipersrx240Match-

junipersrx300Match-

junipersrx320Match-

junipersrx340Match-

junipersrx3400Match-

junipersrx345Match-

junipersrx3600Match-

junipersrx4100Match-

junipersrx4200Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

junipersrx650Match-

AND

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d150

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x49d60

juniperjunosMatch15.1x49d65

juniperjunosMatch15.1x49d70

juniperjunosMatch15.1x49d75

juniperjunosMatch15.1x49d80

CPENameOperatorVersion
juniper:junosjuniper junoseq15.1
juniper:junosjuniper junoseq15.1x53
juniper:junosjuniper junoseq16.1
juniper:junosjuniper junoseq16.2
juniper:junosjuniper junoseq17.1
juniper:junosjuniper junoseq17.2
juniper:junosjuniper junoseq17.3
juniper:junosjuniper junoseq17.4
juniper:junosjuniper junoseq18.1
juniper:junosjuniper junoseq18.2

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	15.1
juniper:junos	juniper junos	eq	15.1x53
juniper:junos	juniper junos	eq	16.1
juniper:junos	juniper junos	eq	16.2
juniper:junos	juniper junos	eq	17.1
juniper:junos	juniper junos	eq	17.2
juniper:junos	juniper junos	eq	17.3
juniper:junos	juniper junos	eq	17.4
juniper:junos	juniper junos	eq	18.1
juniper:junos	juniper junos	eq	18.2

Rows per page:

1-10 of 131

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1F6-S13, 15.1R7-S4",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7-S4",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R2-S9",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S11, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "17.2R2",
            "status": "affected"
          }
        ],
        "lessThan": "17.2R1-S9, 17.2R3-S2",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S3",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S2, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S2",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2X75-D40",
        "status": "affected",
        "version": "18.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2-S6, 18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R1-S2, 18.4R2",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D238, 15.1X53-D496, 15.1X53-D592",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X49-D180",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA10980

prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1395205

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

45.6%

JSON

Related for CVE-2020-1601

prion1 nessus2 cvelist1 symantec1 nvd1