fkie_cve-2020-1634
Vulnerability from fkie_nvd
Published
2020-04-08 20:15
Modified
2024-11-21 05:11
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4 and IPv6. This issue affects: Juniper Networks Junos OS 12.3X48 version 12.3X48-D80 and later versions prior to 12.3X48-D95 on High-End SRX Series. This issue does not affect Branch SRX Series devices.
References
sirt@juniper.nethttps://kb.juniper.net/JSA11014Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/JSA11014Vendor Advisory
Impacted products
Vendor Product Version
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper srx1500 -
juniper srx300 -
juniper srx4100 -
juniper srx4200 -
juniper srx4600 -
juniper srx5400 -
juniper srx550 -
juniper srx5600 -
juniper srx5800 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
              "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
              "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
              "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
              "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
              "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*",
              "matchCriteriaId": "64A0CCD4-91BA-440E-A14C-48E67D1F03A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
              "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
              "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
              "matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
              "matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
              "matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4 and IPv6. This issue affects: Juniper Networks Junos OS 12.3X48 version 12.3X48-D80 and later versions prior to 12.3X48-D95 on High-End SRX Series. This issue does not affect Branch SRX Series devices."
    },
    {
      "lang": "es",
      "value": "En los dispositivos High-End SRX Series, en configuraciones espec\u00edficas y cuando se presentan eventos de red espec\u00edficos o acciones del operador, puede ocurrir un SPC que reciba tr\u00e1fico multidifusi\u00f3n genuino. Posteriormente, todos los FPC en un chasis pueden reiniciarse causando una Denegaci\u00f3n de Servicio. Este problema afecta tanto a IPv4 como a IPv6. Este problema afecta a: Juniper Networks Junos OS  versi\u00f3n 12.3X48 hasta 12.3X48-D80 y versiones posteriores a 12.3X48-D95 en High-End SRX Series. Este problema no afecta a los dispositivos de Branch SRX Series."
    }
  ],
  "id": "CVE-2020-1634",
  "lastModified": "2024-11-21T05:11:02.990",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-08T20:15:14.310",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11014"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.