CVE-2020-1680
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated attacker can continuously send crafted IPv6 packets through the device causing repetitive MS-PIC process crashes, resulting in an extended Denial of Service condition. This issue affects Juniper Networks Junos OS on MX Series: 15.1 versions prior to 15.1R7-S7; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S11, 17.4R3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D41, 18.2X75-D430, 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3; 18.4 versions prior to 18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 15.1 < 15.1R7-S7 | affected |
| Juniper Networks | Junos OS | 15.1X53 < 15.1X53-D593 | affected |
| Juniper Networks | Junos OS | 16.1 < 16.1R7-S8 | affected |
| Juniper Networks | Junos OS | 17.2 < 17.2R3-S4 | affected |
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S6 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S11, 17.4R3 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S11 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3-S6 | affected |
| Juniper Networks | Junos OS | 18.2X75 < 18.2X75-D41, 18.2X75-D430, 18.2X75-D53, 18.2X75-D65 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R2-S4, 18.3R3 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2-S5, 18.4R3 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R2 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R1-S5, 19.2R2 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R2 | affected |
Weaknesses
- CWE-131: CWE-131 Incorrect Calculation of Buffer Size
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.