Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJuniperCVELIST:CVE-2020-1651
HistoryJul 17, 2020 - 6:40 p.m.

CVE-2020-1651 Junos OS: MX Series: PFE on the line card may crash due to memory leak.

2020-07-1718:40:43
CWE-19
juniper
www.cve.org
5
juniper networks
mx series
pfe crash
memory leak
dos
cve-2020-1651
layer 2 frames

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash the PFE, causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.2R1.

CNA Affected

[
  {
    "platforms": [
      "MX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.2R1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3-S4",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2X75-D105.19",
        "status": "affected",
        "version": "17.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S7",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R1-S3, 17.4R2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R2",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      }
    ]
  }
]

Related

cve 1
nessus 1
nvd 1
prion 1
mskb 1
cve
cve
CVE-2020-1651
2020-07-17 19:15:13
nessus
nessus
Juniper Junos MX Series PFE DoS (JSA11038)
2020-07-24 00:00:00
nvd
nvd
CVE-2020-1651
2020-07-17 19:15:13
prion
prion
Memory corruption
2020-07-17 19:15:00
mskb
mskb
Description of the security update for the elevation of privilege vulnerability in Microsoft Visual Studio 2015 Update 3: January 12, 2021
2021-01-12 08:00:00

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON
Related for CVELIST:CVE-2020-1651
cve1nessus1nvd1prion1mskb1