Code injection

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon mspmand process, responsible for managing "URL Filtering service", may crash, causing the...

Design/Logic Flaw

On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of...

CVE-2020-1650

CVE-2020-1650 affects Juniper Networks Junos OS on MX Series using MS-PIC/MS-MIC/MS-MPC service cards. A stream of specific packets can crash the MS-PIC component, enabling a sustained Denial of Service on affected MX Series devices (versions listed in the description). The connected documents pr...

CVE-2020-1650 Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC

On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of...

CVE-2020-1651

CVE-2020-1651 affects Juniper Networks Junos OS on MX Series routers. A memory leak caused by processing a specific stream of Layer 2 frames can crash the line-card PFE, leading to DoS traffic interruption. Impact observed in MX Series revisions including 17.2 (prior to 17.2R3-S4) and 17.2X75 (pr...

CVE-2020-1651 Junos OS: MX Series: PFE on the line card may crash due to memory leak.

On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine PFE on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker...

CVE-2020-1649 Junos OS: MX Series: PFE crash on MPC7/8/9 upon receipt of small fragments requiring reassembly

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine PFE will become disabled upon receipt of small fragments requiring reassembly,...

CVE-2020-1645

CVE-2020-1645 affects Juniper Networks Junos MX Series when DNS filtering is enabled and packets trigger the Multiservices PIC Management Daemon (mspmand). The issue can cause mspmand to crash, leading to a restart of the Services PIC; during boot, DNS filtering and other PIC services may be bypa...

CVE-2020-1645 Junos OS: MX Series: Services card might restart when DNS filtering is enabled

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon mspmand process, responsible for managing "URL Filtering service", may crash, causing the...

Juniper Networks Junos OS Input Validation Error Vulnerability (CNVD-2020-50488)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An input validation error vulnerability exists in Juniper Networks Junos OS MX Series. An attacker could exploit this...

Juniper Networks Junos OS Code Issue Vulnerability (CNVD-2020-51515)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Juniper Networks Junos OS MX Series. An attacker could exploit this vulnerability to...

CVE-2020-5764

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

CVE-2020-5764

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

Directory traversal

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

CVE-2020-5764

MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerability when user is using the MX Transfer feature in "Receive" mode. An attacker can exploit this by connecting to the MX Transfer session as a "sender" and sending a MessageType of "FILELIST" with a...

CVE-2020-5764

CVE-2020-5764 – MX Player Android App vulnerable versions: MX Player Android App earlier than v1.24.5. A directory traversal flaw exists in the MX Transfer feature when used in “Receive” mode. An attacker can act as a MX Transfer sender and send a FILE_LIST message with a name field containing di...

Juniper Networks Junos OS Input Validation Error Vulnerability (CNVD-2020-22987)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An input validation error vulnerability exists in the NDP proxy function of the EVPN leaf node in Juniper Networks Junos O...

CVE-2020-1633

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway BNG and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded,...

CVE-2020-1633 Junos OS: MX Series: Crafted packets traversing a Broadband Network Gateway (BNG) configured with IPv6 NDP proxy could lead to Denial of Service

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway BNG and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded,...

Juniper Networks Junos OS Elevation of Privilege Vulnerability (CNVD-2020-22962)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in the Juniper Networks Junos OS EX9200 Series, MX Series, PTX Series, and QFX10K Series. ...