{"containers": {"cna": {"affected": [{"platforms": ["MX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "17.2R1", "status": "unaffected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "17.2R3-S4", "status": "affected", "version": "17.2", "versionType": "custom"}, {"lessThan": "17.2X75-D105.19", "status": "affected", "version": "17.2X75", "versionType": "custom"}, {"lessThan": "17.3R3-S7", "status": "affected", "version": "17.3", "versionType": "custom"}, {"lessThan": "17.4R1-S3, 17.4R2", "status": "affected", "version": "17.4", "versionType": "custom"}, {"lessThan": "18.1R2", "status": "affected", "version": "18.1", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "This issue is not specific to any configuration."}], "datePublic": "2020-07-08T00:00:00", "descriptions": [{"lang": "en", "value": "On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash the PFE, causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.2R1."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-19", "description": "CWE-19 Data Processing Errors", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-17T18:40:43", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA11038"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 17.2R3-S4, 17.2X75-D105.19, 17.3R3-S7, 17.4R1-S3, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D10, and all subsequent releases."}], "source": {"advisory": "JSA11038", "defect": ["1347250"], "discovery": "USER"}, "title": "Junos OS: MX Series: PFE on the line card may crash due to memory leak.", "workarounds": [{"lang": "en", "value": "There are no available workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2020-07-08T04:00:00.000Z", "ID": "CVE-2020-1651", "STATE": "PUBLIC", "TITLE": "Junos OS: MX Series: PFE on the line card may crash due to memory leak."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "MX Series", "version_affected": "!<", "version_value": "17.2R1"}, {"platform": "MX Series", "version_affected": "<", "version_name": "17.2", "version_value": "17.2R3-S4"}, {"platform": "MX Series", "version_affected": "<", "version_name": "17.2X75", "version_value": "17.2X75-D105.19"}, {"platform": "MX Series", "version_affected": "<", "version_name": "17.3", "version_value": "17.3R3-S7"}, {"platform": "MX Series", "version_affected": "<", "version_name": "17.4", "version_value": "17.4R1-S3, 17.4R2"}, {"platform": "MX Series", "version_affected": "<", "version_name": "18.1", "version_value": "18.1R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "This issue is not specific to any configuration."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash the PFE, causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.2R1."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-19 Data Processing Errors"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA11038", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11038"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 17.2R3-S4, 17.2X75-D105.19, 17.3R3-S7, 17.4R1-S3, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D10, and all subsequent releases."}], "source": {"advisory": "JSA11038", "defect": ["1347250"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no available workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:29.634Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA11038"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2020-1651", "datePublished": "2020-07-17T18:40:43.651664Z", "dateReserved": "2019-11-04T00:00:00", "dateUpdated": "2024-09-17T01:10:30.724Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*", "matchCriteriaId": "BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8BCF0612-AF16-4925-8E42-77734513F923", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "595987A6-D8CE-41ED-B51C-EF9CD3B47AD0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "7B5A2205-C40B-4746-9A23-1973433FF065", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "CFA3526C-FF53-4823-B6AC-0BA91BFB532D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "AA92B7F8-705B-410F-BDA3-7C28FF51967F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "9689695F-53EB-4B35-9072-750E7282B011", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s8:*:*:*:*:*:*", "matchCriteriaId": "4F7CE683-5647-455B-936C-DF0D973A180A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2-s11:*:*:*:*:*:*", "matchCriteriaId": "BA433E05-83F8-410D-AEB3-3A02BAB0BE0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2-s6:*:*:*:*:*:*", "matchCriteriaId": "B87ECEAD-FD18-4252-8D46-F281DD4125AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2-s7:*:*:*:*:*:*", "matchCriteriaId": "C6788EE2-B0DA-470E-B72E-E8D5CCFB5259", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "5FD8A8E1-201B-4E4E-8F69-23856E56AF60", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "897850A3-2A27-483C-8266-E4547F1A4341", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "7939BCE6-D4E8-4366-B954-32D77F21A35D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2x75:-:*:*:*:*:*:*", "matchCriteriaId": "8B809686-D679-483B-9196-510582F07A7E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d102:*:*:*:*:*:*", "matchCriteriaId": "81332BD3-99F9-4A7C-A04F-1F3A81CA6941", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d50:*:*:*:*:*:*", "matchCriteriaId": "1C913A29-64F1-4B2C-A4BC-163891E9A43A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d70:*:*:*:*:*:*", "matchCriteriaId": "CD7217ED-631C-4206-9381-18C0BDD69C7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d92:*:*:*:*:*:*", "matchCriteriaId": "D5DCC950-B6D1-4EF2-87EB-7D152CD9D8CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*", "matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "BCA2976C-C84B-40D9-A806-588629BFFB13", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "A2C7B980-033E-40AC-98C9-B252733B0F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*", "matchCriteriaId": "D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*", "matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", "matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*", "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*", "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*", "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*", "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*", "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker connected to the same broadcast domain can repeatedly crash the PFE, causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series: 17.2 versions prior to 17.2R3-S4; 17.2X75 versions prior to 17.2X75-D105.19; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.2R1."}, {"lang": "es", "value": "En la serie Juniper Networks MX, la recepci\u00f3n de un flujo de tramas espec\u00edficas de Capa 2 puede causar una p\u00e9rdida de memoria resultando en que el motor de reenv\u00edo de paquetes (PFE) en la tarjeta de l\u00ednea se bloquee y reinicie, causando una interrupci\u00f3n del tr\u00e1fico. Al enviar continuamente este flujo de trama espec\u00edfica de capa 2, un atacante conectado al mismo dominio de difusi\u00f3n puede bloquear de forma repetida el PFE, causando una Denegaci\u00f3n de Servicio (DoS) prolongada. Este problema afecta a Juniper Networks Junos OS en la Serie MX: versiones 17.2 anteriores a 17.2R3-S4; versiones 17.2X75 anteriores a 17.2X75-D105.19; versiones 17.3 anteriores a 17.3R3-S7; versiones 17.4 anteriores a 17.4R1-S3, versiones 17.4R2; 18.1 anteriores a 18.1R2. Este problema no afecta a Juniper Networks Junos OS versiones anteriores a 17.2R1"}], "id": "CVE-2020-1651", "lastModified": "2021-10-19T12:54:39.273", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2020-07-17T19:15:13.720", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA11038"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-19"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}