Filtered by vendor Juniper
Subscribe
Total
726 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0295 | 1 Juniper | 5 Junos, Qfx10000, Qfx10002 and 2 more | 2021-07-28 | 2.9 LOW | 6.1 MEDIUM |
| A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. DVMRP packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability. This issue affects Juniper Networks Junos OS on QFX10K Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2. | |||||
| CVE-2021-0294 | 1 Juniper | 8 Ex4600, Ex4650, Junos and 5 more | 2021-07-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to the enhanced storm control filter group not be installed. It will cause storm control not to work hence allowing an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets arriving the device. This issue affects Juniper Networks QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 with QFX 5e Series image installed. QFX5130 and QFX5220 are not affected from this issue. This issue affects Juniper Networks Junos OS 18.4R2-S5 on QFX5000 Series and EX4600 Series. No other product or platform is affected by this vulnerability. | |||||
| CVE-2021-0289 | 1 Juniper | 229 Acx1000, Acx1100, Acx2000 and 226 more | 2021-07-28 | 2.9 LOW | 5.3 MEDIUM |
| When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces <> extensive" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved. | |||||
| CVE-2021-0281 | 1 Juniper | 1 Junos | 2021-07-28 | 4.3 MEDIUM | 7.5 HIGH |
| On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO. | |||||
| CVE-2021-0280 | 1 Juniper | 25 Junos, Ptx1000, Ptx1000-72q and 22 more | 2021-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series. | |||||
| CVE-2021-0278 | 1 Juniper | 1 Junos | 2021-07-28 | 7.2 HIGH | 7.8 HIGH |
| An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1. | |||||
| CVE-2021-0277 | 1 Juniper | 1 Junos | 2021-07-28 | 5.8 MEDIUM | 8.8 HIGH |
| An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO. | |||||
| CVE-2021-0282 | 1 Juniper | 1 Junos | 2021-07-27 | 7.1 HIGH | 7.5 HIGH |
| On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3; | |||||
| CVE-2021-0279 | 1 Juniper | 1 Contrail Cloud | 2021-07-27 | 5.5 MEDIUM | 5.5 MEDIUM |
| Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information. This issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0. | |||||
| CVE-2021-0271 | 1 Juniper | 10 Ex2200-c, Ex3200, Ex3300 and 7 more | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Continued receipt and processing of the crafted ARP packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series. 12.3 versions prior to 12.3R12-S17; 15.1 versions prior to 15.1R7-S8. This issue only affects the listed Marvell-chipset based EX Series devices. No other products or platforms are affected. | |||||
| CVE-2021-0267 | 1 Juniper | 1 Junos | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service. This is typically configured for Broadband Subscriber Sessions. Continued receipt and processing of this crafted packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Junos OS Evolved. | |||||
| CVE-2021-0241 | 1 Juniper | 1 Junos | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of these specific packets will repeatedly crash the JDHCPD process and sustain the Denial of Service (DoS) condition. This issue only affects DHCPv6. DHCPv4 is not affected by this issue. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S7; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1, 19.3R3-S2; 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2. | |||||
| CVE-2021-0240 | 1 Juniper | 1 Junos | 2021-07-23 | 2.9 LOW | 6.5 MEDIUM |
| On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects DHCPv6. DHCPv4 is not affected by this issue. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R1-S8, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. | |||||
| CVE-2021-0237 | 1 Juniper | 11 Ex4300-mp, Ex4600, Ex4650 and 8 more | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4, 17.4R3-S5; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2; | |||||
| CVE-2021-0228 | 1 Juniper | 11 Junos, Mx10, Mx104 and 8 more | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| An improper check for unusual or exceptional conditions vulnerability in Juniper Networks MX Series platforms with Trio-based MPC (Modular Port Concentrator) deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, may allow an attacker sending specific Layer 2 traffic to cause Distributed Denial of Service (DDoS) protection to trigger unexpectedly, resulting in traffic impact. Continued receipt and processing of this specific Layer 2 frames will sustain the Denial of Service (DoS) condition. An indication of compromise is to check DDOS LACP violations: user@device> show ddos-protection protocols statistics brief | match lacp This issue only affects the MX Series platforms with Trio-based MPC. No other products or platforms are affected. This issue affects: Juniper Networks Junos OS on MX Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S8; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2; | |||||
| CVE-2021-0224 | 1 Juniper | 1 Junos | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| A vulnerability in the handling of internal resources necessary to bring up a large number of Layer 2 broadband remote access subscriber (BRAS) nodes in Juniper Networks Junos OS can cause the Access Node Control Protocol daemon (ANCPD) to crash and restart, leading to a Denial of Service (DoS) condition. Continued processing of spoofed subscriber nodes will create a sustained Denial of Service (DoS) condition. When the number of subscribers attempting to connect exceeds the configured maximum-discovery-table-entries value, the subscriber fails to map to an internal neighbor entry, causing the ANCPD process to crash. This issue affects Juniper Networks Junos OS: All versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R1-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R2. | |||||
| CVE-2020-1641 | 1 Juniper | 1 Junos | 2021-07-23 | 3.3 LOW | 6.5 MEDIUM |
| A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). This issue occurs when crafted LLDP packets are received by the device from an adjacent device. Multiple LACP flaps will occur after LLDP crashes. An indicator of compromise is to evaluate log file details for lldp with RLIMIT. Intervention should occur before 85% threshold of used KB versus maximum available KB memory is reached. show log messages | match RLIMIT | match lldp | last 20 Matching statement is " /kernel: %KERNEL-[number]: Process ([pid #],lldpd) has exceeded 85% of RLIMIT_DATA: " with [] as variable data to evaluate for. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S7; 17.1 versions prior to 17.1R2-S11, 17.1R3-S2; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R2-S7, 18.2R3; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D50, 18.2X75-D420; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S4, 19.1R2. | |||||
| CVE-2020-1611 | 1 Juniper | 1 Junos Space | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. | |||||
| CVE-2019-0009 | 1 Juniper | 3 Ex2300, Ex3400, Junos | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2. | |||||
| CVE-2020-1608 | 1 Juniper | 17 Junos, Mx10, Mx10003 and 14 more | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms. This issue affects MX Series running Juniper Networks Junos OS: 17.2 versions starting from17.2R2-S6, 17.2R3 and later releases, prior to 17.2R3-S3; 17.3 versions starting from 17.3R2-S4, 17.3R3-S2 and later releases, prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions starting from 17.4R2 and later releases, prior to 17.4R2-S7,17.4R3; 18.1 versions starting from 18.1R2-S3, 18.1R3 and later releases, prior to 18.1R3-S6; 18.2 versions starting from18.2R1-S1, 18.2R2 and later releases, prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R2-S6. | |||||