CVE-2020-1604 Junos OS: EX4300/EX4600/QFX3500/QFX5100 Series: Stateless IP firewall filter may fail to evaluate certain packets

🗓️ 15 Jan 2020 08:40:35Reported by juniperType

Junos OS firewall filter vulnerability affecting certain packet evaluatio

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the IP address filtering function in the Junos OS operating system allows attackers to compromise data integrity and violate data confidentiality.	11 Feb 202000:00	–	bdu_fstec
Circl	CVE-2020-1604	17 May 202112:09	–	circl
CNVD	Juniper Networks Junos OS IP firewall filter access control error vulnerability	15 Jan 202000:00	–	cnvd
CVE	CVE-2020-1604	15 Jan 202008:40	–	cve
EUVD	EUVD-2020-12474	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper JSA10979	25 Feb 202000:00	–	nessus
Tenable Nessus	Juniper Stateless IP Firewall Bypass Vulnerability (JSA10983)	17 Feb 202000:00	–	nessus
NVD	CVE-2020-1604	15 Jan 202009:15	–	nvd
OSV	CVE-2020-1604	15 Jan 202009:15	–	osv
Prion	Design/Logic Flaw	15 Jan 202009:15	–	prion

[
  {
    "platforms": [
      "QFX5100 Series and EX4600 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D12",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX3500 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D52",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "EX4300 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D48",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7-S3",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R2-S5, 17.3R3",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA10983

15 Jan 2020 08:40Current

7High risk

Vulners AI Score7

CVSS 3.16.5

EPSS0.00849

CWE-284