CVE-2020-1648 Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet

🗓️ 17 Jul 2020 18:40:42Reported by juniperType

Junos OS and Junos OS Evolved: RPD crash processing specific BGP packe

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the RPD module in the JunOS operating system and JunOS Evolved allows a intruder to trigger a maintenance failure.	13 Apr 202100:00	–	bdu_fstec
CNVD	Juniper Networks Junos OS Denial of Service Vulnerability (CNVD-2020-49038)	13 Jul 202000:00	–	cnvd
CVE	CVE-2020-1648	17 Jul 202018:40	–	cve
EUVD	EUVD-2020-12513	7 Oct 202500:30	–	euvd
Tenable Nessus	Junos OS: RPD crash when processing a specific BGP packet (JSA11035)	28 Jul 202000:00	–	nessus
NVD	CVE-2020-1648	17 Jul 202019:15	–	nvd
OSV	CVE-2020-1648	17 Jul 202019:15	–	osv
Prion	Design/Logic Flaw	17 Jul 202019:15	–	prion

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60.2, 18.2X75-D65.1, 18.2X75-D70",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.2X75*",
        "status": "affected",
        "version": "18.2X75-D50.8 18.2X75-D60",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.4R1",
            "status": "affected"
          },
          {
            "at": "19.4R1-S2, 19.4R2",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.4R1",
        "status": "unaffected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R1-S2, 20.1R2",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "19.4R2-S2-EVO",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.4R1-EVO",
        "status": "unaffected",
        "version": "19.4-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2-EVO",
        "status": "affected",
        "version": "20.1-EVO",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA11035

17 Jul 2020 18:40Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.5

EPSS0.00389