Vulnerabilities > Juniper > Junos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-17 | CVE-2020-1651 | Memory Leak vulnerability in Juniper Junos On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. | 6.5 |
| 2020-07-17 | CVE-2020-1650 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. | 7.5 |
| 2020-07-17 | CVE-2020-1649 | Unspecified vulnerability in Juniper Junos When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments requiring reassembly, generating the following error messages: [LOG: Err] MQSS(2): WO: Packet Error - Error Packets 1, Connection 29 [LOG: Err] eachip_hmcif_rx_intr_handler(7259): EA[2:0]: HMCIF Rx: Injected checksum error detected on WO response - Chunk Address 0x0 [LOG: Err] MQSS(2): DRD: RORD1: CMD reorder ID error - Command 11, Reorder ID 1960, QID 0 [LOG: Err] MQSS(2): DRD: UNROLL0: HMC chunk address error in stage 5 - Chunk Address: 0xc38fb1 [LOG: Notice] Error: /fpc/0/pfe/0/cm/0/MQSS(2)/2/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc), scope: pfe, category: functional, severity: major, module: MQSS(2), type: DRD_RORD_ENG_INT: CMD FSM State Error [LOG: Notice] Performing action cmalarm for error /fpc/0/pfe/0/cm/0/MQSS(2)/2/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(2) with scope: pfe category: functional level: major [LOG: Notice] Performing action get-state for error /fpc/0/pfe/0/cm/0/MQSS(2)/2/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(2) with scope: pfe category: functional level: major [LOG: Notice] Performing action disable-pfe for error /fpc/0/pfe/0/cm/0/MQSS(2)/2/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(2) with scope: pfe category: functional level: major By continuously sending fragmented packets that cannot be reassembled, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). | 7.5 |
| 2020-07-17 | CVE-2020-1648 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. | 7.5 |
| 2020-07-17 | CVE-2020-1647 | Double Free vulnerability in Juniper Junos On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. | 9.8 |
| 2020-07-17 | CVE-2020-1646 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. | 7.5 |
| 2020-07-17 | CVE-2020-1645 | Unspecified vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. | 8.3 |
| 2020-07-17 | CVE-2020-1644 | Improper Input Validation vulnerability in Juniper Junos On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. | 7.5 |
| 2020-07-17 | CVE-2020-1643 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). | 5.5 |
| 2020-07-17 | CVE-2020-1641 | Race Condition vulnerability in Juniper Junos A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). | 6.5 |