Lucene search

JuniperCVE-2020-1662

HistoryOct 16, 2020 - 9:15 p.m.

CVE-2020-1662

2020-10-1621:15:12

CWE-20

juniper

web.nvd.nist.gov

cve-2020-1662

juniper networks

junos os

bgp

rpd

security vulnerability

networking

routing

bgp session flapping

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration. When the issue occurs the following messages will appear in the /var/log/messages: rpd[6046]: %DAEMON-4-BGP_PREFIX_THRESH_EXCEEDED: XXXX (External AS x): Configured maximum accepted prefix-limit threshold(1800) exceeded for inet6-unicast nlri: 1984 (instance master) rpd[6046]: %DAEMON-3-BGP_CEASE_PREFIX_LIMIT_EXCEEDED: 2001:x:x:x::2 (External AS x): Shutting down peer due to exceeding configured maximum accepted prefix-limit(2000) for inet6-unicast nlri: 2001 (instance master) rpd[6046]: %DAEMON-4: bgp_rt_maxprefixes_check_common:9284: NOTIFICATION sent to 2001:x:x:x::2 (External AS x): code 6 (Cease) subcode 1 (Maximum Number of Prefixes Reached) AFI: 2 SAFI: 1 prefix limit 2000 kernel: %KERN-5: mastership_relinquish_on_process_exit: RPD crashed on master RE. Sending SIGUSR2 to chassisd (5612:chassisd) to trigger RE switchover This issue affects: Juniper Networks Junos OS: 17.2R3-S3; 17.3 version 17.3R3-S3 and later versions, prior to 17.3R3-S8; 17.4 version 17.4R2-S4, 17.4R3 and later versions, prior to 17.4R2-S10, 17.4R3-S2; 18.1 version 18.1R3-S6 and later versions, prior to 18.1R3-S10; 18.2 version 18.2R3 and later versions, prior to 18.2R3-S4; 18.2X75 version 18.2X75-D50, 18.2X75-D60 and later versions, prior to 18.2X75-D53, 18.2X75-D65; 18.3 version 18.3R2 and later versions, prior to 18.3R2-S4, 18.3R3-S2; 18.4 version 18.4R2 and later versions, prior to 18.4R2-S5, 18.4R3-S2; 19.1 version 19.1R1 and later versions, prior to 19.1R2-S2, 19.1R3-S1; 19.2 version 19.2R1 and later versions, prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2; 20.1 versions prior to 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved prior to 20.1R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R3-S3.

Affected configurations

Nvd

Node

juniperjunosMatch17.2r3-s3

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.3r3-s4

juniperjunosMatch17.3r3-s7

juniperjunosMatch17.4r2-s4

juniperjunosMatch17.4r2-s5

juniperjunosMatch17.4r2-s6

juniperjunosMatch17.4r2-s7

juniperjunosMatch17.4r2-s8

juniperjunosMatch17.4r2-s9

juniperjunosMatch17.4r3

juniperjunosMatch17.4r3-s1

juniperjunosMatch18.1r3-s6

juniperjunosMatch18.1r3-s7

juniperjunosMatch18.1r3-s8

juniperjunosMatch18.1r3-s9

juniperjunosMatch18.2r3

juniperjunosMatch18.2r3-s1

juniperjunosMatch18.2r3-s2

juniperjunosMatch18.2r3-s3

juniperjunosMatch18.2x75d50

juniperjunosMatch18.2x75d51

juniperjunosMatch18.2x75d60

juniperjunosMatch18.3r2

juniperjunosMatch18.3r2-s1

juniperjunosMatch18.3r2-s2

juniperjunosMatch18.3r2-s3

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r3

juniperjunosMatch18.4r3-s1

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.1r3

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

juniperjunosMatch20.1r1

juniperjunosMatch20.1r1-s1

VendorProductVersionCPE
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r3-s3:*:*:*:*:*:*
juniperjunos17.3cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*
juniperjunos17.3cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*
juniperjunos17.3cpe:2.3:o:juniper:junos:17.3:r3-s7:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s6:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s7:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s8:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2-s9:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r3-s3::::::
juniper	junos	17.3	cpe:2.3:o:juniper:junos:17.3:r3-s3::::::
juniper	junos	17.3	cpe:2.3:o:juniper:junos:17.3:r3-s4::::::
juniper	junos	17.3	cpe:2.3:o:juniper:junos:17.3:r3-s7::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s4::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s5::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s6::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s7::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s8::::::
juniper	junos	17.4	cpe:2.3:o:juniper:junos:17.4:r2-s9::::::

Rows per page:

1-10 of 591

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "17.2R3-S3"
      },
      {
        "lessThan": "17.2R3-S3",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "17.3R3-S8",
            "status": "unaffected"
          }
        ],
        "lessThan": "17.3*",
        "status": "affected",
        "version": "17.3R3-S3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "17.4R2-S10, 17.4R3-S2",
            "status": "unaffected"
          }
        ],
        "lessThan": "17.4*",
        "status": "affected",
        "version": "17.4R2-S4, 17.4R3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.1R3-S10",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.1*",
        "status": "affected",
        "version": "18.1R3-S6",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.2R3-S4",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.2*",
        "status": "affected",
        "version": "18.2R3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.2X75-D53, 18.2X75-D65",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.2X75*",
        "status": "affected",
        "version": "18.2X75-D50, 18.2X75-D60",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.3R2-S4, 18.3R3-S2",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.3*",
        "status": "affected",
        "version": "18.3R2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.4R2-S5, 18.4R3-S2",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.4*",
        "status": "affected",
        "version": "18.4R2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.1R2-S2, 19.1R3-S1",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.1*",
        "status": "affected",
        "version": "19.1R1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.2R1-S5, 19.2R2",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.2*",
        "status": "affected",
        "version": "19.2R1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2-S3, 19.3R3",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R1-S3, 19.4R2",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R1-S2, 20.1R2",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "19.4-EVO"
      },
      {
        "lessThan": "20.1R2-EVO",
        "status": "affected",
        "version": "20.1-EVO",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11059

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

42.5%

JSON

Related for CVE-2020-1662