Lucene search

[email protected]CVE-2020-1683

HistoryOct 16, 2020 - 9:15 p.m.

CVE-2020-1683

2020-10-1621:15:14

CWE-401

[email protected]

web.nvd.nist.gov

juniper

networks

junos os

snmp

oid

memory leak

kernel crash

ssh

vulnerability

cve-2020-1683

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON

On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash other processes might be impacted, such as failure to establish SSH connection to the device. The administrator can monitor the output of the following command to check if there is memory leak caused by this issue: user@device> show system virtual-memory | match “pfe_ipc|kmem” pfe_ipc 147 5K - 164352 16,32,64,8192 <– increasing vm.kmem_map_free: 127246336 <– decreasing pfe_ipc 0 0K - 18598 32,8192 vm.kmem_map_free: 134582272 This issue affects Juniper Networks Junos OS: 17.4R3; 18.1 version 18.1R3-S5 and later versions prior to 18.1R3-S10; 18.2 version 18.2R3 and later versions prior to 18.2R3-S3; 18.2X75 version 18.2X75-D420, 18.2X75-D50 and later versions prior to 18.2X75-D430, 18.2X75-D53, 18.2X75-D60; 18.3 version 18.3R3 and later versions prior to 18.3R3-S2; 18.4 version 18.4R1-S4, 18.4R2 and later versions prior to 18.4R2-S5, 18.4R3-S1; 19.1 version 19.1R2 and later versions prior to 19.1R2-S2, 19.1R3; 19.2 version 19.2R1 and later versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S5, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2. This issue does not affect Juniper Networks Junos OS prior to 17.4R3.

Affected configurations

NVD

Node

juniperjunosMatch17.4r3

juniperjunosMatch18.1r3-s5

juniperjunosMatch18.1r3-s6

juniperjunosMatch18.1r3-s7

juniperjunosMatch18.1r3-s8

juniperjunosMatch18.1r3-s9

juniperjunosMatch18.2r3

juniperjunosMatch18.2r3-s1

juniperjunosMatch18.2r3-s2

juniperjunosMatch18.2x75-

juniperjunosMatch18.2x75d12

juniperjunosMatch18.2x75d20

juniperjunosMatch18.2x75d30

juniperjunosMatch18.2x75d40

juniperjunosMatch18.2x75d411

juniperjunosMatch18.2x75d51

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r3

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.3r2-s3

juniperjunosMatch19.3r2-s4

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

CPENameOperatorVersion
juniper:junosjuniper junoseq17.4
juniper:junosjuniper junoseq18.1
juniper:junosjuniper junoseq18.2
juniper:junosjuniper junoseq18.2x75
juniper:junosjuniper junoseq18.3
juniper:junosjuniper junoseq18.4
juniper:junosjuniper junoseq19.1
juniper:junosjuniper junoseq19.2
juniper:junosjuniper junoseq19.3
juniper:junosjuniper junoseq19.4

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	17.4
juniper:junos	juniper junos	eq	18.1
juniper:junos	juniper junos	eq	18.2
juniper:junos	juniper junos	eq	18.2x75
juniper:junos	juniper junos	eq	18.3
juniper:junos	juniper junos	eq	18.4
juniper:junos	juniper junos	eq	19.1
juniper:junos	juniper junos	eq	19.2
juniper:junos	juniper junos	eq	19.3
juniper:junos	juniper junos	eq	19.4

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "17.4R3"
      },
      {
        "lessThan": "17.4R3",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.1R3-S10",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.1*",
        "status": "affected",
        "version": "18.1R3-S5",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.2R3-S3",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.2*",
        "status": "affected",
        "version": "18.2R3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.2X75-D430, 18.2X75-D53, 18.2X75-D60",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.2X75*",
        "status": "affected",
        "version": "18.2X75-D420, 18.2X75-D50",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.3R3-S2",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.3*",
        "status": "affected",
        "version": "18.3R3",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "18.4R2-S5, 18.4R3-S1",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.4*",
        "status": "affected",
        "version": "18.4R1-S4, 18.4R2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.1R2-S2, 19.1R3",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.1*",
        "status": "affected",
        "version": "19.1R2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.2R1-S5, 19.2R2",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.2*",
        "status": "affected",
        "version": "19.2R1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2-S5, 19.3R3",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R1-S3, 19.4R2",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11080

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON

Related for CVE-2020-1683

prion1 cvelist1 nvd1 nessus1