Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJuniperCVE-2020-1643
HistoryJul 17, 2020 - 7:15 p.m.

CVE-2020-1643

2020-07-1719:15:12
CWE-755
juniper
web.nvd.nist.gov
33
cve
2020
1643
juniper networks
junos os
dos
ospf
cli command
vulnerability
nvd

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

14.2%

JSON

Execution of the “show ospf interface extensive” or “show ospf interface detail” CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). By continuously executing the same CLI commands, a local attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Note: Only systems utilizing ARM processors, found on the EX2300 and EX3400, are vulnerable to this issue. Systems shipped with other processor architectures are not vulnerable to this issue. The processor architecture can be displayed via the ‘uname -a’ command. For example: ARM (vulnerable): % uname -a | awk ‘{print $NF}’ arm PowerPC (not vulnerable): % uname -a | awk ‘{print $NF}’ powerpc AMD (not vulnerable): % uname -a | awk ‘{print $NF}’ amd64 Intel (not vulnerable): % uname -a | awk ‘{print $NF}’ i386 This issue affects Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D100; 14.1X53 versions prior to 14.1X53-D140, 14.1X53-D54; 15.1 versions prior to 15.1R7-S7; 15.1X49 versions prior to 15.1X49-D210; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S8; 17.1 versions prior to 17.1R2-S12; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2, 18.3R2.

Affected configurations

Nvd
Node
juniperjunosMatch12.3x48-
OR
juniperjunosMatch12.3x48d10
OR
juniperjunosMatch12.3x48d15
OR
juniperjunosMatch12.3x48d20
OR
juniperjunosMatch12.3x48d25
OR
juniperjunosMatch12.3x48d30
OR
juniperjunosMatch12.3x48d35
OR
juniperjunosMatch12.3x48d40
OR
juniperjunosMatch12.3x48d45
OR
juniperjunosMatch12.3x48d50
OR
juniperjunosMatch12.3x48d51
OR
juniperjunosMatch12.3x48d55
OR
juniperjunosMatch12.3x48d60
OR
juniperjunosMatch12.3x48d65
OR
juniperjunosMatch12.3x48d70
OR
juniperjunosMatch12.3x48d75
OR
juniperjunosMatch12.3x48d80
OR
juniperjunosMatch12.3x48d90
OR
juniperjunosMatch12.3x48d95
OR
juniperjunosMatch14.1x53-
OR
juniperjunosMatch14.1x53d10
OR
juniperjunosMatch14.1x53d15
OR
juniperjunosMatch14.1x53d16
OR
juniperjunosMatch14.1x53d25
OR
juniperjunosMatch14.1x53d26
OR
juniperjunosMatch14.1x53d27
OR
juniperjunosMatch14.1x53d30
OR
juniperjunosMatch14.1x53d35
OR
juniperjunosMatch14.1x53d40
OR
juniperjunosMatch14.1x53d42
OR
juniperjunosMatch14.1x53d43
OR
juniperjunosMatch14.1x53d44
OR
juniperjunosMatch14.1x53d45
OR
juniperjunosMatch14.1x53d48
OR
juniperjunosMatch14.1x53d50
OR
juniperjunosMatch14.1x53d51
OR
juniperjunosMatch14.1x53d52
OR
juniperjunosMatch14.1x53d53
OR
juniperjunosMatch15.1-
OR
juniperjunosMatch15.1a1
OR
juniperjunosMatch15.1f
OR
juniperjunosMatch15.1f1
OR
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1f3
OR
juniperjunosMatch15.1f4
OR
juniperjunosMatch15.1f5
OR
juniperjunosMatch15.1f5-s7
OR
juniperjunosMatch15.1f6
OR
juniperjunosMatch15.1f6-s1
OR
juniperjunosMatch15.1f6-s12
OR
juniperjunosMatch15.1f6-s2
OR
juniperjunosMatch15.1f6-s3
OR
juniperjunosMatch15.1f6-s4
OR
juniperjunosMatch15.1f6-s7
OR
juniperjunosMatch15.1f7
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1r4
OR
juniperjunosMatch15.1r4-s7
OR
juniperjunosMatch15.1r4-s8
OR
juniperjunosMatch15.1r4-s9
OR
juniperjunosMatch15.1r5
OR
juniperjunosMatch15.1r5-s1
OR
juniperjunosMatch15.1r5-s5
OR
juniperjunosMatch15.1r5-s6
OR
juniperjunosMatch15.1r6
OR
juniperjunosMatch15.1r6-s1
OR
juniperjunosMatch15.1r6-s2
OR
juniperjunosMatch15.1r6-s6
OR
juniperjunosMatch15.1r7
OR
juniperjunosMatch15.1r7-s1
OR
juniperjunosMatch15.1r7-s2
OR
juniperjunosMatch15.1r7-s3
OR
juniperjunosMatch15.1r7-s4
OR
juniperjunosMatch15.1r7-s5
OR
juniperjunosMatch15.1r7-s6
OR
juniperjunosMatch15.1x49-
OR
juniperjunosMatch15.1x49d10
OR
juniperjunosMatch15.1x49d100
OR
juniperjunosMatch15.1x49d110
OR
juniperjunosMatch15.1x49d120
OR
juniperjunosMatch15.1x49d130
OR
juniperjunosMatch15.1x49d140
OR
juniperjunosMatch15.1x49d15
OR
juniperjunosMatch15.1x49d150
OR
juniperjunosMatch15.1x49d160
OR
juniperjunosMatch15.1x49d170
OR
juniperjunosMatch15.1x49d180
OR
juniperjunosMatch15.1x49d190
OR
juniperjunosMatch15.1x49d20
OR
juniperjunosMatch15.1x49d200
OR
juniperjunosMatch15.1x49d25
OR
juniperjunosMatch15.1x49d30
OR
juniperjunosMatch15.1x49d35
OR
juniperjunosMatch15.1x49d40
OR
juniperjunosMatch15.1x49d45
OR
juniperjunosMatch15.1x49d50
OR
juniperjunosMatch15.1x49d55
OR
juniperjunosMatch15.1x49d60
OR
juniperjunosMatch15.1x49d65
OR
juniperjunosMatch15.1x49d70
OR
juniperjunosMatch15.1x49d75
OR
juniperjunosMatch15.1x49d80
OR
juniperjunosMatch15.1x49d90
OR
juniperjunosMatch15.1x53-
OR
juniperjunosMatch15.1x53d10
OR
juniperjunosMatch15.1x53d20
OR
juniperjunosMatch15.1x53d21
OR
juniperjunosMatch15.1x53d210
OR
juniperjunosMatch15.1x53d230
OR
juniperjunosMatch15.1x53d231
OR
juniperjunosMatch15.1x53d232
OR
juniperjunosMatch15.1x53d233
OR
juniperjunosMatch15.1x53d234
OR
juniperjunosMatch15.1x53d235
OR
juniperjunosMatch15.1x53d236
OR
juniperjunosMatch15.1x53d237
OR
juniperjunosMatch15.1x53d25
OR
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d31
OR
juniperjunosMatch15.1x53d32
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d34
OR
juniperjunosMatch15.1x53d40
OR
juniperjunosMatch15.1x53d45
OR
juniperjunosMatch15.1x53d47
OR
juniperjunosMatch15.1x53d470
OR
juniperjunosMatch15.1x53d48
OR
juniperjunosMatch15.1x53d495
OR
juniperjunosMatch15.1x53d50
OR
juniperjunosMatch15.1x53d51
OR
juniperjunosMatch15.1x53d52
OR
juniperjunosMatch15.1x53d55
OR
juniperjunosMatch15.1x53d56
OR
juniperjunosMatch15.1x53d57
OR
juniperjunosMatch15.1x53d58
OR
juniperjunosMatch15.1x53d59
OR
juniperjunosMatch15.1x53d590
OR
juniperjunosMatch15.1x53d591
OR
juniperjunosMatch15.1x53d592
OR
juniperjunosMatch15.1x53d60
OR
juniperjunosMatch15.1x53d61
OR
juniperjunosMatch15.1x53d62
OR
juniperjunosMatch15.1x53d63
OR
juniperjunosMatch15.1x53d64
OR
juniperjunosMatch15.1x53d65
OR
juniperjunosMatch15.1x53d66
OR
juniperjunosMatch15.1x53d67
OR
juniperjunosMatch15.1x53d68
OR
juniperjunosMatch15.1x53d69
OR
juniperjunosMatch15.1x53d70
OR
juniperjunosMatch16.1-
OR
juniperjunosMatch16.1r1
OR
juniperjunosMatch16.1r2
OR
juniperjunosMatch16.1r3
OR
juniperjunosMatch16.1r3-s10
OR
juniperjunosMatch16.1r3-s11
OR
juniperjunosMatch16.1r4
OR
juniperjunosMatch16.1r4-s12
OR
juniperjunosMatch16.1r4-s2
OR
juniperjunosMatch16.1r4-s3
OR
juniperjunosMatch16.1r4-s4
OR
juniperjunosMatch16.1r4-s6
OR
juniperjunosMatch16.1r5
OR
juniperjunosMatch16.1r5-s4
OR
juniperjunosMatch16.1r6-s1
OR
juniperjunosMatch16.1r6-s6
OR
juniperjunosMatch16.1r7
OR
juniperjunosMatch16.1r7-s2
OR
juniperjunosMatch16.1r7-s3
OR
juniperjunosMatch16.1r7-s4
OR
juniperjunosMatch16.1r7-s5
OR
juniperjunosMatch16.1r7-s6
OR
juniperjunosMatch16.1r7-s7
OR
juniperjunosMatch17.1-
OR
juniperjunosMatch17.1r1
OR
juniperjunosMatch17.1r2
OR
juniperjunosMatch17.1r2-s1
OR
juniperjunosMatch17.1r2-s10
OR
juniperjunosMatch17.1r2-s11
OR
juniperjunosMatch17.1r2-s2
OR
juniperjunosMatch17.1r2-s3
OR
juniperjunosMatch17.1r2-s4
OR
juniperjunosMatch17.1r2-s5
OR
juniperjunosMatch17.1r2-s6
OR
juniperjunosMatch17.1r2-s7
OR
juniperjunosMatch17.1r2-s8
OR
juniperjunosMatch17.1r2-s9
OR
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1
OR
juniperjunosMatch17.2r1-s1
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s3
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r1-s5
OR
juniperjunosMatch17.2r1-s7
OR
juniperjunosMatch17.2r1-s8
OR
juniperjunosMatch17.2r2
OR
juniperjunosMatch17.2r2-s11
OR
juniperjunosMatch17.2r2-s6
OR
juniperjunosMatch17.2r2-s7
OR
juniperjunosMatch17.2r3-s1
OR
juniperjunosMatch17.2r3-s2
OR
juniperjunosMatch17.2r3-s3
OR
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r1-s1
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
OR
juniperjunosMatch17.3r2-s3
OR
juniperjunosMatch17.3r2-s4
OR
juniperjunosMatch17.3r3-
OR
juniperjunosMatch17.3r3-s1
OR
juniperjunosMatch17.3r3-s2
OR
juniperjunosMatch17.3r3-s3
OR
juniperjunosMatch17.3r3-s4
OR
juniperjunosMatch17.3r3-s7
OR
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s5
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch17.4r2-s1
OR
juniperjunosMatch18.1-
OR
juniperjunosMatch18.1r1
OR
juniperjunosMatch18.1r2
OR
juniperjunosMatch18.1r2-s1
OR
juniperjunosMatch18.1r2-s2
OR
juniperjunosMatch18.1r2-s4
OR
juniperjunosMatch18.1r3
OR
juniperjunosMatch18.1r3-s1
OR
juniperjunosMatch18.2r1
OR
juniperjunosMatch18.2r1-s3
OR
juniperjunosMatch18.2r1-s4
OR
juniperjunosMatch18.2x75
OR
juniperjunosMatch18.2x75-
OR
juniperjunosMatch18.2x75d20
OR
juniperjunosMatch18.2x75d30
OR
juniperjunosMatch18.3-
OR
juniperjunosMatch18.3r1
OR
juniperjunosMatch18.3r1-s1
VendorProductVersionCPE
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*
juniperjunos12.3x48cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*
Rows per page:
1-10 of 2501

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.3X48-D100",
        "status": "affected",
        "version": "12.3X48",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1X53-D140, 14.1X53-D54",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7-S7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X49-D210",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D593",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7-S8",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S12",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3-S4",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S8",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S2, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S2",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2, 18.2R3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2X75-D40",
        "status": "affected",
        "version": "18.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R1-S2, 18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
prion 1
nessus 1
cvelist 1
threatpost 1
nvd
nvd
CVE-2020-1643
2020-07-17 19:15:12
prion
prion
Authentication flaw
2020-07-17 19:15:00
nessus
nessus
Juniper Junos Denial of Service (DoS) JSA11030
2020-07-17 00:00:00
cvelist
cvelist
CVE-2020-1643 Junos OS: EX Series: RPD crash when executing specific "show ospf interface" commands from the CLI with OSPF authentication configured
2020-07-17 18:40:39
threatpost
threatpost
Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
2021-01-12 21:45:23

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

14.2%

JSON
Related for CVE-2020-1643
nvd1prion1nessus1cvelist1threatpost1