CVE-2020-1684
On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when...
CVE-2020-1688
On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an...
CVE-2020-1683
On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash other processes might be impacted, such as failure to establish SSH connection to the device. The administrator can monitor the output of t...
CVE-2020-1672
On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leadi...
CVE-2020-1679
On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing...
CVE-2020-1678
On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match...
CVE-2020-1682
An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead...
CVE-2020-1664
A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17....
CVE-2020-1657
On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established, thereby causing a failure to set up the IPSec channel. Sustained receipt of these...
CVE-2020-1661
On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forwar...
Vulnerability fixed in Juniper Junos OS for PTX and QFX
Juniper Networks has fixed a vulnerability in Junos OS for the PTX and QFX platforms. An unauthenticated remote attacker could potentially exploit the vulnerability to cause a Denial-of-Service attack. To do this, rogue network traffic must be sent to the vulnerable device. Only...
Vulnerabilities fixed in Juniper Junos OS
Juniper Networks has fixed several vulnerabilities in Junos OS. A malicious person, whether remotely authenticated or not, could potentially exploit these vulnerabilities to carry out attacks leading to the following categories of damage: Cross-Site Scripting (XSS). Denial-of-Service (DoS)...
The vulnerability of the NDP Proxy component in the JunOS operating system allows a hacker to trigger a maintenance failure.
The vulnerability of the NDP Proxy component in the JunOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the JunOS operating system’s NFX250 Series routers allows a hacker to gain full control over the system.
The vulnerability of the JunOS operating system’s NFX250 Series routers lies in the use of pre-installed registration data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain full control over the system...
CVE-2020-1655
When a device running Juniper Networks Junos OS has MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation,...
CVE-2020-1653
On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause an mbuf leak which can lead to a Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore). This issue can be triggered by IPv4 or IPv6 and it is caused only by TCP packets. This iss...
CVE-2020-1648
On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an...
CVE-2020-1647
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message may...
CVE-2020-1651
On Juniper Networks MX Series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card crashing and restarting, causing traffic interruption. By continuously sending this stream of specific Layer 2 frames, an attacker...
CVE-2020-1643
Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). By...