Details of VAR-202004-2197

ID

VAR-202004-2197

CVE

CVE-2020-1633

TITLE

Juniper Networks Junos OS Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003945

DESCRIPTION

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, leading to a Denial of Service (DoS) condition. This issue only affects Junos OS 17.4 and later releases. Prior releases do not support this feature and are unaffected by this vulnerability. This issue only affects IPv6. IPv4 ARP proxy is unaffected by this vulnerability. This issue affects Juniper Networks Junos OS: 17.4 versions prior to 17.4R2-S9, 17.4R3 on MX Series; 18.1 versions prior to 18.1R3-S9 on MX Series; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on MX Series; 18.2X75 versions prior to 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60 on MX Series; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3 on MX Series; 18.4 versions prior to 18.4R1-S5, 18.4R2-S2, 18.4R3 on MX Series; 19.1 versions prior to 19.1R1-S4, 19.1R2 on MX Series; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series. Juniper Networks Junos OS There is an input verification vulnerability in.Service operation interruption (DoS) It may be put into a state

Trust: 1.62

sources: NVD: CVE-2020-1633 // JVNDB: JVNDB-2020-003945

IOT TAXONOMY

category:

['other device']

sub_category:

IoT device with Junos OS

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	19.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2x75	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos os	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-003945 // NVD: CVE-2020-1633

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-1633
value:	MEDIUM
Trust: 1.0
sirt@juniper.net:	CVE-2020-1633
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-003945
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202004-550
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2020-1633
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-003945
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2020-1633
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
sirt@juniper.net:	CVE-2020-1633
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-003945
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2020-003945 // CNNVD: CNNVD-202004-550 // NVD: CVE-2020-1633 // NVD: CVE-2020-1633

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.8
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: JVNDB: JVNDB-2020-003945 // NVD: CVE-2020-1633

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-550

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202004-550

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-003945

PATCH

title:	JSA11012	url:	https://kb.juniper.net/JSA11012	Trust: 0.8
title:	Juniper Networks Junos OS Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115745	Trust: 0.6

sources: JVNDB: JVNDB-2020-003945 // CNNVD: CNNVD-202004-550

EXTERNAL IDS

db:	NVD	id:	CVE-2020-1633	Trust: 2.5
db:	JUNIPER	id:	JSA11012	Trust: 1.6
db:	JVNDB	id:	JVNDB-2020-003945	Trust: 0.8
db:	CNNVD	id:	CNNVD-202004-550	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2020-003945 // CNNVD: CNNVD-202004-550 // NVD: CVE-2020-1633

REFERENCES

url:	https://kb.juniper.net/jsa11012	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1633	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1633	Trust: 0.8
url:	https://vigilance.fr/vulnerability/junos-os-mx-denial-of-service-via-bng-ipv6-ndp-proxy-31975	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // JVNDB: JVNDB-2020-003945 // CNNVD: CNNVD-202004-550 // NVD: CVE-2020-1633

SOURCES

db:	OTHER	id:	-
db:	JVNDB	id:	JVNDB-2020-003945
db:	CNNVD	id:	CNNVD-202004-550
db:	NVD	id:	CVE-2020-1633

LAST UPDATE DATE

2025-01-30T21:58:11.335000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2020-003945	date:	2020-04-30T00:00:00
db:	CNNVD	id:	CNNVD-202004-550	date:	2021-11-23T00:00:00
db:	NVD	id:	CVE-2020-1633	date:	2024-11-21T05:11:02.837

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2020-003945	date:	2020-04-30T00:00:00
db:	CNNVD	id:	CNNVD-202004-550	date:	2020-04-09T00:00:00
db:	NVD	id:	CVE-2020-1633	date:	2020-04-09T23:15:12.983