Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJuniperCVELIST:CVE-2020-1665
HistoryOct 14, 2020 - 12:00 a.m.

CVE-2020-1665 Junos OS: MX series/EX9200 Series: IPv6 DDoS protection does not work as expected.

2020-10-1400:00:00
CWE-794
juniper
www.cve.org

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

42.6%

JSON

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentrator (FPC) during the DDoS attack. When this issue occurs, the RE and/or the FPC can become overwhelmed, which could disrupt network protocol operations and/or interrupt traffic. This issue does not affect IPv4 DDoS protection. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX series and EX9200 Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.2 versions prior to 18.2R2-S7, 18.2R3, 18.2R3-S3; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2.

CNA Affected

[
  {
    "platforms": [
      "MX series/EX9200 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.2R3-S4",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2X75-D102, 17.2X75-D110",
        "status": "affected",
        "version": "17.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S8",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S11, 17.4R3-S2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2-S7, 18.2R3, 18.2R3-S3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2X75-D30",
        "status": "affected",
        "version": "18.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R2-S4, 18.3R3-S2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      }
    ]
  }
]

Related

nessus 1
cve 1
prion 1
nvd 1
nessus
nessus
Juniper Junos MX/EX9200 Series: DDoS Vulnerability (JSA11062)
2020-10-23 00:00:00
cve
cve
CVE-2020-1665
2020-10-16 21:15:12
prion
prion
Design/Logic Flaw
2020-10-16 21:15:00
nvd
nvd
CVE-2020-1665
2020-10-16 21:15:12

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

42.6%

JSON
Related for CVELIST:CVE-2020-1665
nessus1cve1prion1nvd1