First published: Fri Jul 17 2020(Updated: )
On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of Service. This issue affects MX Series devices using MS-PIC, MS-MIC or MS-MPC service cards with any service configured. This issue affects Juniper Networks Junos OS on MX Series: 17.2R2-S7; 17.3R3-S4, 17.3R3-S5; 17.4R2-S4 and the subsequent SRs (17.4R2-S5, 17.4R2-S6, etc.); 17.4R3; 18.1R3-S3, 18.1R3-S4, 18.1R3-S5, 18.1R3-S6, 18.1R3-S7, 18.1R3-S8; 18.2R3, 18.2R3-S1, 18.2R3-S2; 18.3R2 and the SRs based on 18.3R2; 18.4R2 and the SRs based on 18.4R2; 19.1R1 and the SRs based on 19.1R1; 19.2R1 and the SRs based on 19.2R1; 19.3R1 and the SRs based on 19.3R1.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper JUNOS | =17.2-r2-s7 | |
Juniper JUNOS | =17.4-r2-s4 | |
Juniper JUNOS | =17.4-r2-s5 | |
Juniper JUNOS | =17.4-r2-s6 | |
Juniper JUNOS | =17.4-r2-s7 | |
Juniper JUNOS | =17.4-r2-s8 | |
Juniper JUNOS | =17.4-r2-s9 | |
Juniper JUNOS | =17.4-r3 | |
Juniper JUNOS | =18.1-r1 | |
Juniper JUNOS | =18.1-r2 | |
Juniper JUNOS | =18.1-r3-s3 | |
Juniper JUNOS | =18.1-r3-s4 | |
Juniper JUNOS | =18.1-r3-s5 | |
Juniper JUNOS | =18.1-r3-s6 | |
Juniper JUNOS | =18.1-r3-s7 | |
Juniper JUNOS | =18.1-r3-s8 | |
Juniper JUNOS | =18.2-r1 | |
Juniper JUNOS | =18.2-r1-s3 | |
Juniper JUNOS | =18.2-r1-s4 | |
Juniper JUNOS | =18.2-r2 | |
Juniper JUNOS | =18.2-r3 | |
Juniper JUNOS | =18.2-r3-s1 | |
Juniper JUNOS | =18.2-r3-s2 | |
Juniper JUNOS | =18.3-r2 | |
Juniper JUNOS | =18.3-r2-s1 | |
Juniper JUNOS | =18.3-r2-s2 | |
Juniper JUNOS | =18.3-r2-s3 | |
Juniper JUNOS | =18.4-r2 | |
Juniper JUNOS | =18.4-r2-s1 | |
Juniper JUNOS | =18.4-r2-s2 | |
Juniper JUNOS | =18.4-r2-s3 | |
Juniper JUNOS | =19.1-r1 | |
Juniper JUNOS | =19.1-r1-s1 | |
Juniper JUNOS | =19.1-r1-s2 | |
Juniper JUNOS | =19.1-r1-s3 | |
Juniper JUNOS | =19.2-r1 | |
Juniper JUNOS | =19.2-r1-s1 | |
Juniper JUNOS | =19.2-r1-s2 | |
Juniper JUNOS | =19.3-r1 | |
Juniper JUNOS | =19.3-r1-s1 | |
Juniper Mx10 | ||
Juniper Mx10000 | ||
Juniper Mx10003 | ||
Juniper Mx104 | ||
Juniper Mx150 | ||
Juniper Mx2008 | ||
Juniper Mx2010 | ||
Juniper Mx2020 | ||
Juniper Mx204 | ||
Juniper Mx240 | ||
Juniper Mx40 | ||
Juniper Mx480 | ||
Juniper Mx5 | ||
Juniper Mx80 | ||
Juniper Mx960 |
The following software releases have been updated to resolve this specific issue: 17.2R2-S8, 17.3R3-S6, 17.4R3-S1, 18.1R3-S9, 18.2R3-S3, 18.3R3, 18.4R3, 19.1R2, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-1650 is a vulnerability on Juniper Networks Junos MX Series that can cause a Denial of Service (DoS) by crashing the MS-PIC component on MS-MIC or MS-MPC.
The severity of CVE-2020-1650 is high with a CVSS score of 7.5.
Juniper Junos versions 17.2-r2-s7 to 19.3-r1 are affected by CVE-2020-1650.
By continuously sending specific packets, an attacker can exploit CVE-2020-1650 to bring down the MS-PIC on MS-MIC/MS-MPC.
Check your Juniper MX Series device against the affected software versions listed in Juniper's security advisory (link provided).