high
8.8
CWE
20 476
Advisory Published
Updated

CVE-2020-1656: Junos OS: When a DHCPv6 Relay-Agent is configured upon receipt of a specific DHCPv6 client message, Remote Code Execution may occur.

First published: Fri Oct 16 2020(Updated: )

The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on the target device. Continuous receipt of the specific DHCPv6 client message will result in an extended Denial of Service (DoS) condition. If adjacent devices are also configured to relay DHCP packets, and are not affected by this issue and simply transparently forward unprocessed client DHCPv6 messages, then the attack vector can be a Network-based attack, instead of an Adjacent-device attack. No other DHCP services are affected. Receipt of the packet without configuration of the DHCPv6 Relay-Agent service, will not result in exploitability of this issue. This issue affects Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95; 14.1X53 versions prior to 14.1X53-D53; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S7; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S2; 17.2 versions prior to 17.2R3-S3; 17.2X75 versions prior to 17.2X75-D44; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S9; 18.2 versions prior to 18.2R2-S6, 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D435, 18.2X75-D60; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3-S1; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S4, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2; 19.3 versions prior to 19.3R2.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Junos OS Evolved=12.3
Junos OS Evolved=12.3-r1
Junos OS Evolved=12.3-r10
Junos OS Evolved=12.3-r10-s1
Junos OS Evolved=12.3-r10-s2
Junos OS Evolved=12.3-r11
Junos OS Evolved=12.3-r12
Junos OS Evolved=12.3-r12-s1
Junos OS Evolved=12.3-r12-s11
Junos OS Evolved=12.3-r12-s12
Junos OS Evolved=12.3-r12-s13
Junos OS Evolved=12.3-r12-s14
Junos OS Evolved=12.3x48
Junos OS Evolved=12.3x48-d10
Junos OS Evolved=12.3x48-d100
Junos OS Evolved=12.3x48-d15
Junos OS Evolved=12.3x48-d20
Junos OS Evolved=12.3x48-d25
Junos OS Evolved=12.3x48-d30
Junos OS Evolved=12.3x48-d35
Junos OS Evolved=12.3x48-d40
Junos OS Evolved=12.3x48-d45
Junos OS Evolved=12.3x48-d50
Junos OS Evolved=12.3x48-d51
Junos OS Evolved=12.3x48-d55
Junos OS Evolved=12.3x48-d60
Junos OS Evolved=12.3x48-d65
Junos OS Evolved=12.3x48-d70
Junos OS Evolved=12.3x48-d75
Junos OS Evolved=12.3x48-d80
Junos OS Evolved=12.3x48-d90
Junos OS Evolved=14.1x53
Junos OS Evolved=14.1x53-d10
Junos OS Evolved=14.1x53-d121
Junos OS Evolved=14.1x53-d15
Junos OS Evolved=14.1x53-d16
Junos OS Evolved=14.1x53-d25
Junos OS Evolved=14.1x53-d26
Junos OS Evolved=14.1x53-d27
Junos OS Evolved=14.1x53-d30
Junos OS Evolved=14.1x53-d34
Junos OS Evolved=14.1x53-d35
Junos OS Evolved=14.1x53-d40
Junos OS Evolved=14.1x53-d42
Junos OS Evolved=14.1x53-d43
Junos OS Evolved=14.1x53-d44
Junos OS Evolved=14.1x53-d45
Junos OS Evolved=14.1x53-d48
Junos OS Evolved=14.1x53-d50
Junos OS Evolved=14.1x53-d51
Junos OS Evolved=14.1x53-d52
Junos OS Evolved=15.1
Junos OS Evolved=15.1-a1
Junos OS Evolved=15.1-f
Junos OS Evolved=15.1-f1
Junos OS Evolved=15.1-f2
Junos OS Evolved=15.1-f2-s1
Junos OS Evolved=15.1-f2-s2
Junos OS Evolved=15.1-f2-s3
Junos OS Evolved=15.1-f2-s4
Junos OS Evolved=15.1-f3
Junos OS Evolved=15.1-f4
Junos OS Evolved=15.1-f5
Junos OS Evolved=15.1-f5-s7
Junos OS Evolved=15.1-f6
Junos OS Evolved=15.1-f6-s1
Junos OS Evolved=15.1-f6-s12
Junos OS Evolved=15.1-f6-s2
Junos OS Evolved=15.1-f6-s3
Junos OS Evolved=15.1-f6-s4
Junos OS Evolved=15.1-f6-s7
Junos OS Evolved=15.1-f7
Junos OS Evolved=15.1-r1
Junos OS Evolved=15.1-r2
Junos OS Evolved=15.1-r3
Junos OS Evolved=15.1-r4
Junos OS Evolved=15.1-r4-s7
Junos OS Evolved=15.1-r4-s8
Junos OS Evolved=15.1-r4-s9
Junos OS Evolved=15.1-r5
Junos OS Evolved=15.1-r5-s1
Junos OS Evolved=15.1-r5-s5
Junos OS Evolved=15.1-r5-s6
Junos OS Evolved=15.1-r6
Junos OS Evolved=15.1-r6-s1
Junos OS Evolved=15.1-r6-s2
Junos OS Evolved=15.1-r6-s6
Junos OS Evolved=15.1-r7
Junos OS Evolved=15.1-r7-s1
Junos OS Evolved=15.1-r7-s2
Junos OS Evolved=15.1-r7-s3
Junos OS Evolved=15.1-r7-s4
Junos OS Evolved=15.1-r7-s5
Junos OS Evolved=15.1x49
Junos OS Evolved=15.1x49-d10
Junos OS Evolved=15.1x49-d100
Junos OS Evolved=15.1x49-d110
Junos OS Evolved=15.1x49-d120
Junos OS Evolved=15.1x49-d130
Junos OS Evolved=15.1x49-d140
Junos OS Evolved=15.1x49-d15
Junos OS Evolved=15.1x49-d150
Junos OS Evolved=15.1x49-d160
Junos OS Evolved=15.1x49-d170
Junos OS Evolved=15.1x49-d180
Junos OS Evolved=15.1x49-d190
Junos OS Evolved=15.1x49-d20
Junos OS Evolved=15.1x49-d25
Junos OS Evolved=15.1x49-d30
Junos OS Evolved=15.1x49-d35
Junos OS Evolved=15.1x49-d40
Junos OS Evolved=15.1x49-d45
Junos OS Evolved=15.1x49-d50
Junos OS Evolved=15.1x49-d55
Junos OS Evolved=15.1x49-d60
Junos OS Evolved=15.1x49-d65
Junos OS Evolved=15.1x49-d70
Junos OS Evolved=15.1x49-d75
Junos OS Evolved=15.1x49-d80
Junos OS Evolved=15.1x49-d90
Junos OS Evolved=15.1x53
Junos OS Evolved=15.1x53-d10
Junos OS Evolved=15.1x53-d20
Junos OS Evolved=15.1x53-d21
Junos OS Evolved=15.1x53-d210
Junos OS Evolved=15.1x53-d230
Junos OS Evolved=15.1x53-d231
Junos OS Evolved=15.1x53-d232
Junos OS Evolved=15.1x53-d233
Junos OS Evolved=15.1x53-d234
Junos OS Evolved=15.1x53-d235
Junos OS Evolved=15.1x53-d236
Junos OS Evolved=15.1x53-d237
Junos OS Evolved=15.1x53-d25
Junos OS Evolved=15.1x53-d30
Junos OS Evolved=15.1x53-d31
Junos OS Evolved=15.1x53-d32
Junos OS Evolved=15.1x53-d33
Junos OS Evolved=15.1x53-d34
Junos OS Evolved=15.1x53-d40
Junos OS Evolved=15.1x53-d45
Junos OS Evolved=15.1x53-d47
Junos OS Evolved=15.1x53-d470
Junos OS Evolved=15.1x53-d48
Junos OS Evolved=15.1x53-d495
Junos OS Evolved=15.1x53-d50
Junos OS Evolved=15.1x53-d51
Junos OS Evolved=15.1x53-d52
Junos OS Evolved=15.1x53-d55
Junos OS Evolved=15.1x53-d56
Junos OS Evolved=15.1x53-d57
Junos OS Evolved=15.1x53-d58
Junos OS Evolved=15.1x53-d59
Junos OS Evolved=15.1x53-d590
Junos OS Evolved=15.1x53-d591
Junos OS Evolved=15.1x53-d592
Junos OS Evolved=15.1x53-d60
Junos OS Evolved=15.1x53-d61
Junos OS Evolved=15.1x53-d62
Junos OS Evolved=15.1x53-d63
Junos OS Evolved=15.1x53-d64
Junos OS Evolved=15.1x53-d65
Junos OS Evolved=15.1x53-d66
Junos OS Evolved=15.1x53-d67
Junos OS Evolved=15.1x53-d68
Junos OS Evolved=15.1x53-d69
Junos OS Evolved=15.1x53-d70
Junos OS Evolved=16.1
Junos OS Evolved=16.1-r1
Junos OS Evolved=16.1-r2
Junos OS Evolved=16.1-r3
Junos OS Evolved=16.1-r3-s10
Junos OS Evolved=16.1-r3-s11
Junos OS Evolved=16.1-r4
Junos OS Evolved=16.1-r4-s12
Junos OS Evolved=16.1-r4-s2
Junos OS Evolved=16.1-r4-s3
Junos OS Evolved=16.1-r4-s4
Junos OS Evolved=16.1-r4-s6
Junos OS Evolved=16.1-r5
Junos OS Evolved=16.1-r5-s4
Junos OS Evolved=16.1-r6-s1
Junos OS Evolved=16.1-r6-s6
Junos OS Evolved=16.1-r7
Junos OS Evolved=16.1-r7-s2
Junos OS Evolved=16.1-r7-s3
Junos OS Evolved=16.1-r7-s4
Junos OS Evolved=16.1-r7-s5
Junos OS Evolved=16.1-r7-s6
Junos OS Evolved=16.2
Junos OS Evolved=16.2-r1
Junos OS Evolved=16.2-r2
Junos OS Evolved=16.2-r2-s1
Junos OS Evolved=16.2-r2-s10
Junos OS Evolved=16.2-r2-s2
Junos OS Evolved=16.2-r2-s5
Junos OS Evolved=16.2-r2-s6
Junos OS Evolved=16.2-r2-s7
Junos OS Evolved=16.2-r2-s8
Junos OS Evolved=16.2-r2-s9
Junos OS Evolved=17.1
Junos OS Evolved=17.1-r1
Junos OS Evolved=17.1-r2
Junos OS Evolved=17.1-r2-s1
Junos OS Evolved=17.1-r2-s10
Junos OS Evolved=17.1-r2-s2
Junos OS Evolved=17.1-r2-s3
Junos OS Evolved=17.1-r2-s4
Junos OS Evolved=17.1-r2-s5
Junos OS Evolved=17.1-r2-s6
Junos OS Evolved=17.1-r2-s7
Junos OS Evolved=17.1-r2-s8
Junos OS Evolved=17.1-r2-s9
Junos OS Evolved=17.1-r3-s1
Junos OS Evolved=17.2
Junos OS Evolved=17.2-r1
Junos OS Evolved=17.2-r1-s1
Junos OS Evolved=17.2-r1-s2
Junos OS Evolved=17.2-r1-s3
Junos OS Evolved=17.2-r1-s4
Junos OS Evolved=17.2-r1-s5
Junos OS Evolved=17.2-r1-s7
Junos OS Evolved=17.2-r1-s8
Junos OS Evolved=17.2-r2
Junos OS Evolved=17.2-r2-s11
Junos OS Evolved=17.2-r2-s6
Junos OS Evolved=17.2-r2-s7
Junos OS Evolved=17.2-r3-s1
Junos OS Evolved=17.2-r3-s2
Junos OS Evolved=17.2x75
Junos OS Evolved=17.3
Junos OS Evolved=17.3-r1-s1
Junos OS Evolved=17.3-r2
Junos OS Evolved=17.3-r2-s1
Junos OS Evolved=17.3-r2-s2
Junos OS Evolved=17.3-r2-s3
Junos OS Evolved=17.3-r2-s4
Junos OS Evolved=17.3-r2-s5
Junos OS Evolved=17.3-r3
Junos OS Evolved=17.3-r3-s1
Junos OS Evolved=17.3-r3-s2
Junos OS Evolved=17.3-r3-s3
Junos OS Evolved=17.3-r3-s4
Junos OS Evolved=17.3-r3-s5
Junos OS Evolved=17.3-r3-s6
Junos OS Evolved=17.4
Junos OS Evolved=17.4-r1
Junos OS Evolved=17.4-r1-s1
Junos OS Evolved=17.4-r1-s2
Junos OS Evolved=17.4-r1-s4
Junos OS Evolved=17.4-r1-s5
Junos OS Evolved=17.4-r1-s6
Junos OS Evolved=17.4-r1-s7
Junos OS Evolved=17.4-r2
Junos OS Evolved=17.4-r2-s1
Junos OS Evolved=17.4-r2-s2
Junos OS Evolved=17.4-r2-s3
Junos OS Evolved=17.4-r2-s4
Junos OS Evolved=17.4-r2-s5
Junos OS Evolved=17.4-r2-s6
Junos OS Evolved=17.4-r2-s7
Junos OS Evolved=17.4-r2-s8
Junos OS Evolved=18.1
Junos OS Evolved=18.1-r1
Junos OS Evolved=18.1-r2
Junos OS Evolved=18.1-r2-s1
Junos OS Evolved=18.1-r2-s2
Junos OS Evolved=18.1-r2-s4
Junos OS Evolved=18.1-r3
Junos OS Evolved=18.1-r3-s1
Junos OS Evolved=18.1-r3-s2
Junos OS Evolved=18.1-r3-s3
Junos OS Evolved=18.1-r3-s4
Junos OS Evolved=18.1-r3-s6
Junos OS Evolved=18.1-r3-s7
Junos OS Evolved=18.1-r3-s8
Junos OS Evolved=18.2
Junos OS Evolved=18.2-r1
Junos OS Evolved=18.2-r1
Junos OS Evolved=18.2-r1-s3
Junos OS Evolved=18.2-r1-s4
Junos OS Evolved=18.2-r1-s5
Junos OS Evolved=18.2-r2
Junos OS Evolved=18.2-r2-s1
Junos OS Evolved=18.2-r2-s2
Junos OS Evolved=18.2-r2-s3
Junos OS Evolved=18.2-r2-s4
Junos OS Evolved=18.2-r2-s5
Junos OS Evolved=18.2-r3
Junos OS Evolved=18.2-r3-s1
Junos OS Evolved=18.2x75
Junos OS Evolved=18.2x75-d20
Junos OS Evolved=18.2x75-d30
Junos OS Evolved=18.2x75-d40
Junos OS Evolved=18.2x75-d411
Junos OS Evolved=18.2x75-d51
Junos OS Evolved=18.3
Junos OS Evolved=18.3-r1
Junos OS Evolved=18.3-r1-s1
Junos OS Evolved=18.3-r1-s2
Junos OS Evolved=18.3-r1-s3
Junos OS Evolved=18.3-r1-s5
Junos OS Evolved=18.3-r1-s6
Junos OS Evolved=18.3-r2
Junos OS Evolved=18.3-r2-s1
Junos OS Evolved=18.3-r2-s2
Junos OS Evolved=18.3-r3
Junos OS Evolved=18.4
Junos OS Evolved=18.4-r1
Junos OS Evolved=18.4-r1-s1
Junos OS Evolved=18.4-r1-s2
Junos OS Evolved=18.4-r2
Junos OS Evolved=18.4-r2-s1
Junos OS Evolved=18.4-r2-s2
Junos OS Evolved=19.1
Junos OS Evolved=19.1-r1
Junos OS Evolved=19.1-r1-s1
Junos OS Evolved=19.1-r1-s2
Junos OS Evolved=19.1-r1-s3
Junos OS Evolved=19.2
Junos OS Evolved=19.2-r1
Junos OS Evolved=19.2-r1-s1
Junos OS Evolved=19.2-r1-s2
Junos OS Evolved=19.3
Junos OS Evolved=19.3-r1
Junos OS Evolved=19.3-r1-s1

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D53, 15.1R7-S6, 15.1X49-D200, 15.1X53-D593, 16.1R7-S7, 16.2R2-S11, 17.1R2-S11, 17.1R3-S2, 17.2R3-S3, 17.2X75-D44, 17.3R3-S7, 17.4R2-S9, 17.4R3, 18.1R3-S9, 18.2R2-S6, 18.2R3-S2, 18.2X75-D12, 18.2X75-D33, 18.2X75-D435, 18.2X75-D60, 18.3R1-S7, 18.3R2-S3, 18.3R3-S1, 18.4R1-S5, 18.4R2-S3, 18.4R3, 19.1R1-S4, 19.1R2, 19.1R3, 19.2R1-S3, 19.2R2, 19.4R1, and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-1656?

    CVE-2020-1656 is an improper input validation vulnerability in the DHCPv6 Relay-Agent service of Juniper Networks Junos OS that can cause a Denial of Service (DoS) condition.

  • What is the severity of CVE-2020-1656?

    CVE-2020-1656 has been classified with a high severity rating due to its potential impact on service availability.

  • How do I fix CVE-2020-1656?

    To fix CVE-2020-1656, update Junos OS to a version that is not affected by this vulnerability as outlined in the vendor's advisory.

  • Which versions of Junos OS are affected by CVE-2020-1656?

    CVE-2020-1656 affects multiple versions of Junos OS, including versions 12.3, 14.1, 15.1, and 16.1 among others.

  • What are the potential consequences of CVE-2020-1656?

    The main consequence of CVE-2020-1656 is that it may lead to a Denial of Service (DoS), impacting network performance and availability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203