Lucene search

HistorySep 10, 2020 - 12:00 a.m.

Juniper Junos BGP DoS (JSA11024)

2020-09-1000:00:00

www.tenable.com

juniper

junos

bgp

dos

vulnerability

jsa11024

remote devices

security patch

cve-2020-1640

denial of service

nessus

self-reported version

vulnerability advisory

iava

cve

cvss

exploitability

publication date

cpe

stig

security checks

tenable network security

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

According to the self reported version of Junos OS on the remote device it is affected by a denial of service vulnerability as referenced in the JSA11024 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(140467);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/03");

  script_cve_id("CVE-2020-1640");
  script_xref(name:"JSA", value:"JSA11024");
  script_xref(name:"IAVA", value:"2020-A-0320-S");

  script_name(english:"Juniper Junos BGP DoS (JSA11024)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to the self reported version of Junos OS on the remote device it is affected by a denial of service
vulnerability as referenced in the JSA11024 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/JSA11024");
  script_set_attribute(attribute:"solution", value:
"Apply the relevant Junos software release referenced in Juniper advisory JSA11024");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-1640");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/07/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/07/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/10");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Junos Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("junos_version.nasl");
  script_require_keys("Host/Juniper/JUNOS/Version");

  exit(0);
}

include('junos.inc');

ver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');

vuln_ranges = [
  {'min_ver':'16.1R7-S6',   'fixed_ver':'16.1R7-S8'},
  {'min_ver':'17.3R2-S5',   'fixed_ver':'17.3R3-S8'},
  {'min_ver':'17.4R2-S7',   'fixed_ver':'17.4R2-S11'},
  {'min_ver':'17.4R3',      'fixed_ver':'17.4R3-S2'},
  {'min_ver':'18.1R3-S7',   'fixed_ver':'18.1R3-S10'},
  {'min_ver':'18.2R2-S6',   'fixed_ver':'18.2R2-S7'},
  {'min_ver':'18.2R3-S2',   'fixed_ver':'18.2R3-S5'},
  {'min_ver':'18.3R1-S6',   'fixed_ver':'18.3R2-S4'},
  {'min_ver':'18.3R3',      'fixed_ver':'18.3R3-S2'},
  {'min_ver':'18.4R1-S5',   'fixed_ver':'18.4R1-S7'},
  {'min_ver':'18.4R2-S4',   'fixed_ver':'18.4R2-S5'},
  {'min_ver':'18.4R3',      'fixed_ver':'18.4R3-S3'},
  {'min_ver':'19.1R1-S3',   'fixed_ver':'19.1R1-S5'},
  {'min_ver':'19.1R2',      'fixed_ver':'19.1R2-S2'},
  {'min_ver':'19.2R1-S2',   'fixed_ver':'19.2R1-S5'},
  {'min_ver':'19.3R2',      'fixed_ver':'19.3R2-S3'},
  {'min_ver':'19.4R1',      'fixed_ver':'19.4R1-S2'},
  {'min_ver':'20.1R1',      'fixed_ver':'20.1R1-S1'},
  {'min_ver':'18.2X75-D12', 'fixed_ver':'18.2X75-D32'},
  {'min_ver':'18.2X75-D51', 'fixed_ver':'18.2X75-D52'},
  {'min_ver':'18.2X75-D411','fixed_ver':'18.2X75-D420'}
];

fix = junos_compare_range(target_version:ver, vuln_ranges:vuln_ranges);

if (!isnull(fix))
{
  report = get_report(ver:ver, fix:fix);
  security_report_v4(severity:SECURITY_WARNING, port:0, extra:report);
}

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1640

kb.juniper.net/JSA11024

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

42.5%

JSON

Related for JUNIPER_JSA11024.NASL