CVE-2020-1627

{"id": "CVE-2020-1627", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-04-08T20:15:14.060", "references": [{"url": "https://kb.juniper.net/JSA11006", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA11006", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service (DoS) by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash. By continuously sending the same specific packets, an attacker can repeatedly crash the riot process causing a sustained Denial of Service. Flow cache is specific to vMX based products and the MX150, and is enabled by default in performance mode. This issue can only be triggered by traffic destined to the device. Transit traffic will not cause the riot daemon to crash. When the issue occurs, a core dump and riot log file entry are generated. For example: /var/crash/core.J-UKERN.mpc0.1557255993.3864.gz /home/pfe/RIOT logs: fpc0 riot[1888]: PANIC in lu_reorder_send_packet_postproc(): fpc0 riot[6655]: PANIC in lu_reorder_send_packet_postproc(): This issue affects Juniper Networks Junos OS: 18.1 versions prior to 18.1R3 on vMX and MX150; 18.2 versions prior to 18.2R3 on vMX and MX150; 18.2X75 versions prior to 18.2X75-D60 on vMX and MX150; 18.3 versions prior to 18.3R3 on vMX and MX150; 18.4 versions prior to 18.4R2 on vMX and MX150; 19.1 versions prior to 19.1R2 on vMX and MX150. This issue does not affect Junos OS versions prior to 18.1R1."}, {"lang": "es", "value": "Una vulnerabilidad en Juniper Networks Junos OS en dispositivos vMX y MX150, puede permitir a un atacante causar una Denegaci\u00f3n de Servicio (DoS) mediante el env\u00edo de paquetes espec\u00edficos que requieren un procesamiento especial en un microc\u00f3digo que la cach\u00e9 de flujo no puede manejar, generando que el demonio de reenvi\u00f3 de riot se bloquee . Al enviar continuamente los mismos paquetes espec\u00edficos, un atacante puede bloquear repetidas veces el proceso riot causando una Denegaci\u00f3n de Servicio sostenida. La memoria cach\u00e9 de flujo es espec\u00edfica para los productos basados ??en vMX y el MX150, y est\u00e1 habilitada por defecto en el modo performance. Este problema solo puede ser desencadenado por el tr\u00e1fico destinado hacia el dispositivo. El tr\u00e1fico de tr\u00e1nsito no causar\u00e1 que el demonio riot se bloquee. Cuando se presenta el problema, se genera un volcado del core y una entrada del archivo de registro de riot. Por ejemplo: /var/crash/core.J-UKERN.mpc0.1557255993.3864.gz /home/pfe/RIOT registra: fpc0 riot[1888]: PANIC en la funci\u00f3n lu_reorder_send_packet_postproc(): fpc0 riot[6655]: PANIC en la funci\u00f3n lu_reorder_send_packet_postproc(): Este problema afecta a Juniper Networks Junos OS: versiones 18.1 anteriores a 18.1R3 en vMX y MX150; versiones 18.2 anteriores a 18.2R3 en vMX y MX150; versiones 18.2X75 anteriores a 18.2X75-D60 en vMX y MX150; versiones 18.3 anteriores a 18.3R3 en vMX y MX150; versiones 18.4 anteriores a 18.4R2 en vMX y MX150; versiones 19.1 anteriores a 19.1R2 en vMX y MX150. Este problema no afecta a Junos OS versiones anteriores a 18.1R1."}], "lastModified": "2024-11-21T05:11:01.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90BF177D-A895-4D05-B674-B27420A5DC6B"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD3ADB9-35FF-41D3-92BD-98D6D4826B03"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "341F2459-8335-40E9-A2B3-BE804D319F95"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2x75:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12805C4D-2737-41E4-8950-5B48636765F9"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2x75:d30:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C680D835-0262-46BF-B120-DFBFF377341E"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2x75:d40:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50441A8C-DAB0-4D1A-AA00-FED6056148D3"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B363298-315C-4FD5-9417-C5B82883A224"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EBD361C-8B4D-43EF-8B82-9FE165D8206E"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E7539C4-6208-43EB-9A0B-4852D0CE0FA1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:vmx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFD39993-E332-4838-876E-902B333B6866"}, {"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}