CVE-2020-1682: Junos OS: SRX1500, vSRX, SRX4K, NFX150, NFX250: Denial of service vulnerability executing local CLI command
First published: Fri Oct 16 2020(Updated: )
An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue only affects the SRX1500, SRX4100, SRX4200, NFX150, NFX250, and vSRX-based platforms. No other products or platforms are affected by this vulnerability. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D220 on SRX1500, SRX4100, SRX4200, vSRX; 17.4 versions prior to 17.4R3-S3 on SRX1500, SRX4100, SRX4200, vSRX; 18.1 versions prior to 18.1R3-S11 on SRX1500, SRX4100, SRX4200, vSRX, NFX150; 18.2 versions prior to 18.2R3-S5 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250; 19.1 versions prior to 19.1R3-S2 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250; 19.2 versions prior to 19.2R1-S5, 19.2R3 on SRX1500, SRX4100, SRX4200, vSRX, NFX150, NFX250. This issue does not affect Junos OS 19.3 or any subsequent version.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos | =15.1x49 | |
| Juniper Junos | =15.1x49-d10 | |
| Juniper Junos | =15.1x49-d100 | |
| Juniper Junos | =15.1x49-d110 | |
| Juniper Junos | =15.1x49-d120 | |
| Juniper Junos | =15.1x49-d130 | |
| Juniper Junos | =15.1x49-d140 | |
| Juniper Junos | =15.1x49-d15 | |
| Juniper Junos | =15.1x49-d150 | |
| Juniper Junos | =15.1x49-d160 | |
| Juniper Junos | =15.1x49-d170 | |
| Juniper Junos | =15.1x49-d180 | |
| Juniper Junos | =15.1x49-d190 | |
| Juniper Junos | =15.1x49-d20 | |
| Juniper Junos | =15.1x49-d200 | |
| Juniper Junos | =15.1x49-d210 | |
| Juniper Junos | =15.1x49-d25 | |
| Juniper Junos | =15.1x49-d30 | |
| Juniper Junos | =15.1x49-d35 | |
| Juniper Junos | =15.1x49-d40 | |
| Juniper Junos | =15.1x49-d45 | |
| Juniper Junos | =15.1x49-d50 | |
| Juniper Junos | =15.1x49-d55 | |
| Juniper Junos | =15.1x49-d60 | |
| Juniper Junos | =15.1x49-d65 | |
| Juniper Junos | =15.1x49-d70 | |
| Juniper Junos | =15.1x49-d75 | |
| Juniper Junos | =15.1x49-d80 | |
| Juniper Junos | =15.1x49-d90 | |
| Juniper Junos | =17.4 | |
| Juniper Junos | =17.4-r1 | |
| Juniper Junos | =17.4-r1-s1 | |
| Juniper Junos | =17.4-r1-s2 | |
| Juniper Junos | =17.4-r1-s4 | |
| Juniper Junos | =17.4-r1-s5 | |
| Juniper Junos | =17.4-r1-s6 | |
| Juniper Junos | =17.4-r1-s7 | |
| Juniper Junos | =17.4-r2 | |
| Juniper Junos | =17.4-r2-s1 | |
| Juniper Junos | =17.4-r2-s10 | |
| Juniper Junos | =17.4-r2-s2 | |
| Juniper Junos | =17.4-r2-s3 | |
| Juniper Junos | =17.4-r2-s4 | |
| Juniper Junos | =17.4-r2-s5 | |
| Juniper Junos | =17.4-r2-s6 | |
| Juniper Junos | =17.4-r2-s7 | |
| Juniper Junos | =17.4-r2-s8 | |
| Juniper Junos | =17.4-r2-s9 | |
| Juniper Junos | =17.4-r3 | |
| Juniper Junos | =17.4-r3-s1 | |
| Juniper Junos | =17.4-r3-s2 | |
| Juniper vSRX | ||
| Juniper SRX1500 | ||
| Juniper SRX4100 | ||
| Juniper SRX4200 | ||
| Juniper Junos | =18.1 | |
| Juniper Junos | =18.1-r1 | |
| Juniper Junos | =18.1-r2 | |
| Juniper Junos | =18.1-r2-s1 | |
| Juniper Junos | =18.1-r2-s2 | |
| Juniper Junos | =18.1-r2-s4 | |
| Juniper Junos | =18.1-r3 | |
| Juniper Junos | =18.1-r3-s1 | |
| Juniper Junos | =18.1-r3-s10 | |
| Juniper Junos | =18.1-r3-s2 | |
| Juniper Junos | =18.1-r3-s3 | |
| Juniper Junos | =18.1-r3-s4 | |
| Juniper Junos | =18.1-r3-s6 | |
| Juniper Junos | =18.1-r3-s7 | |
| Juniper Junos | =18.1-r3-s8 | |
| Juniper Junos | =18.1-r3-s9 | |
| Juniper NFX | ||
| Juniper Junos | =18.2 | |
| Juniper Junos | =18.2-r1 | |
| Juniper Junos | =18.2-r1 | |
| Juniper Junos | =18.2-r1-s3 | |
| Juniper Junos | =18.2-r1-s4 | |
| Juniper Junos | =18.2-r1-s5 | |
| Juniper Junos | =18.2-r2 | |
| Juniper Junos | =18.2-r2-s1 | |
| Juniper Junos | =18.2-r2-s2 | |
| Juniper Junos | =18.2-r2-s3 | |
| Juniper Junos | =18.2-r2-s4 | |
| Juniper Junos | =18.2-r2-s5 | |
| Juniper Junos | =18.2-r2-s6 | |
| Juniper Junos | =18.2-r3 | |
| Juniper Junos | =18.2-r3-s1 | |
| Juniper Junos | =18.2-r3-s2 | |
| Juniper Junos | =18.2-r3-s3 | |
| Juniper Junos | =18.2-r3-s4 | |
| Juniper Junos | =18.3 | |
| Juniper Junos | =18.3-r1 | |
| Juniper Junos | =18.3-r1-s1 | |
| Juniper Junos | =18.3-r1-s2 | |
| Juniper Junos | =18.3-r1-s3 | |
| Juniper Junos | =18.3-r1-s5 | |
| Juniper Junos | =18.3-r1-s6 | |
| Juniper Junos | =18.3-r2 | |
| Juniper Junos | =18.3-r2-s1 | |
| Juniper Junos | =18.3-r2-s2 | |
| Juniper Junos | =18.3-r2-s3 | |
| Juniper Junos | =18.3-r3 | |
| Juniper Junos | =18.3-r3-s1 | |
| Juniper Junos | =18.3-r3-s2 | |
| Juniper Junos | =18.4 | |
| Juniper Junos | =18.4-r1 | |
| Juniper Junos | =18.4-r1-s1 | |
| Juniper Junos | =18.4-r1-s2 | |
| Juniper Junos | =18.4-r1-s5 | |
| Juniper Junos | =18.4-r1-s6 | |
| Juniper Junos | =18.4-r2 | |
| Juniper Junos | =18.4-r2-s1 | |
| Juniper Junos | =18.4-r2-s2 | |
| Juniper Junos | =18.4-r2-s3 | |
| Juniper Junos | =18.4-r2-s4 | |
| Juniper Junos | =18.4-r3 | |
| Juniper Junos | =18.4-r3-s1 | |
| Juniper Junos | =18.4-r3-s2 | |
| Juniper Junos | =18.4-r3-s3 | |
| Juniper Junos | =19.1 | |
| Juniper Junos | =19.1-r1 | |
| Juniper Junos | =19.1-r1-s1 | |
| Juniper Junos | =19.1-r1-s2 | |
| Juniper Junos | =19.1-r1-s3 | |
| Juniper Junos | =19.1-r1-s4 | |
| Juniper Junos | =19.1-r2 | |
| Juniper Junos | =19.1-r2-s1 | |
| Juniper Junos | =19.1-r3 | |
| Juniper Junos | =19.1-r3-s1 | |
| Juniper Junos | =19.2 | |
| Juniper Junos | =19.2-r1 | |
| Juniper Junos | =19.2-r1-s1 | |
| Juniper Junos | =19.2-r1-s2 | |
| Juniper Junos | =19.2-r1-s3 | |
| Juniper Junos | =19.2-r1-s4 | |
| Juniper Junos | =19.2-r2 | |
| Juniper NFX |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 15.1X49-D220, 17.4R3-S3, 18.1R3-S11, 18.2R3-S5, 18.3R2-S4, 18.3R3-S3, 18.4R2-S5, 18.4R3-S4, 19.1R3-S2, 19.2R1-S5, and 19.2R3. Note: This fix has also been proactively committed into other releases that might not be vulnerable to this issue.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-1682?
CVE-2020-1682 is rated as a high severity vulnerability due to its potential to cause a Denial of Service.
How do I fix CVE-2020-1682?
To fix CVE-2020-1682, upgrade affected devices to the latest Junos OS versions that address this vulnerability.
What devices are affected by CVE-2020-1682?
CVE-2020-1682 affects specific versions of Junos OS running on devices like Juniper SRX and vSRX models.
What are the impacts of CVE-2020-1682?
The impact of CVE-2020-1682 can lead to the crashing of the srxpfe process, resulting in a denial of service until the process restarts.
Is there a workaround for CVE-2020-1682?
Currently, there are no documented workarounds for CVE-2020-1682; upgrading to fixed versions is recommended.
- agent/type
- agent/title
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/15.1x49
- version/juniper junos/15.1x49-d10
- version/juniper junos/15.1x49-d100
- version/juniper junos/15.1x49-d110
- version/juniper junos/15.1x49-d120
- version/juniper junos/15.1x49-d130
- version/juniper junos/15.1x49-d140
- version/juniper junos/15.1x49-d15
- version/juniper junos/15.1x49-d150
- version/juniper junos/15.1x49-d160
- version/juniper junos/15.1x49-d170
- version/juniper junos/15.1x49-d180
- version/juniper junos/15.1x49-d190
- version/juniper junos/15.1x49-d20
- version/juniper junos/15.1x49-d200
- version/juniper junos/15.1x49-d210
- version/juniper junos/15.1x49-d25
- version/juniper junos/15.1x49-d30
- version/juniper junos/15.1x49-d35
- version/juniper junos/15.1x49-d40
- version/juniper junos/15.1x49-d45
- version/juniper junos/15.1x49-d50
- version/juniper junos/15.1x49-d55
- version/juniper junos/15.1x49-d60
- version/juniper junos/15.1x49-d65
- version/juniper junos/15.1x49-d70
- version/juniper junos/15.1x49-d75
- version/juniper junos/15.1x49-d80
- version/juniper junos/15.1x49-d90
- version/juniper junos/17.4
- version/juniper junos/17.4-r1
- version/juniper junos/17.4-r1-s1
- version/juniper junos/17.4-r1-s2
- version/juniper junos/17.4-r1-s4
- version/juniper junos/17.4-r1-s5
- version/juniper junos/17.4-r1-s6
- version/juniper junos/17.4-r1-s7
- version/juniper junos/17.4-r2
- version/juniper junos/17.4-r2-s1
- version/juniper junos/17.4-r2-s10
- version/juniper junos/17.4-r2-s2
- version/juniper junos/17.4-r2-s3
- version/juniper junos/17.4-r2-s4
- version/juniper junos/17.4-r2-s5
- version/juniper junos/17.4-r2-s6
- version/juniper junos/17.4-r2-s7
- version/juniper junos/17.4-r2-s8
- version/juniper junos/17.4-r2-s9
- version/juniper junos/17.4-r3
- version/juniper junos/17.4-r3-s1
- version/juniper junos/17.4-r3-s2
- canonical/juniper vsrx
- canonical/juniper srx1500
- canonical/juniper srx4100
- canonical/juniper srx4200
- version/juniper junos/18.1
- version/juniper junos/18.1-r1
- version/juniper junos/18.1-r2
- version/juniper junos/18.1-r2-s1
- version/juniper junos/18.1-r2-s2
- version/juniper junos/18.1-r2-s4
- version/juniper junos/18.1-r3
- version/juniper junos/18.1-r3-s1
- version/juniper junos/18.1-r3-s10
- version/juniper junos/18.1-r3-s2
- version/juniper junos/18.1-r3-s3
- version/juniper junos/18.1-r3-s4
- version/juniper junos/18.1-r3-s6
- version/juniper junos/18.1-r3-s7
- version/juniper junos/18.1-r3-s8
- version/juniper junos/18.1-r3-s9
- canonical/juniper nfx
- version/juniper junos/18.2
- version/juniper junos/18.2-r1
- version/juniper junos/18.2-r1-s3
- version/juniper junos/18.2-r1-s4
- version/juniper junos/18.2-r1-s5
- version/juniper junos/18.2-r2
- version/juniper junos/18.2-r2-s1
- version/juniper junos/18.2-r2-s2
- version/juniper junos/18.2-r2-s3
- version/juniper junos/18.2-r2-s4
- version/juniper junos/18.2-r2-s5
- version/juniper junos/18.2-r2-s6
- version/juniper junos/18.2-r3
- version/juniper junos/18.2-r3-s1
- version/juniper junos/18.2-r3-s2
- version/juniper junos/18.2-r3-s3
- version/juniper junos/18.2-r3-s4
- version/juniper junos/18.3
- version/juniper junos/18.3-r1
- version/juniper junos/18.3-r1-s1
- version/juniper junos/18.3-r1-s2
- version/juniper junos/18.3-r1-s3
- version/juniper junos/18.3-r1-s5
- version/juniper junos/18.3-r1-s6
- version/juniper junos/18.3-r2
- version/juniper junos/18.3-r2-s1
- version/juniper junos/18.3-r2-s2
- version/juniper junos/18.3-r2-s3
- version/juniper junos/18.3-r3
- version/juniper junos/18.3-r3-s1
- version/juniper junos/18.3-r3-s2
- version/juniper junos/18.4
- version/juniper junos/18.4-r1
- version/juniper junos/18.4-r1-s1
- version/juniper junos/18.4-r1-s2
- version/juniper junos/18.4-r1-s5
- version/juniper junos/18.4-r1-s6
- version/juniper junos/18.4-r2
- version/juniper junos/18.4-r2-s1
- version/juniper junos/18.4-r2-s2
- version/juniper junos/18.4-r2-s3
- version/juniper junos/18.4-r2-s4
- version/juniper junos/18.4-r3
- version/juniper junos/18.4-r3-s1
- version/juniper junos/18.4-r3-s2
- version/juniper junos/18.4-r3-s3
- version/juniper junos/19.1
- version/juniper junos/19.1-r1
- version/juniper junos/19.1-r1-s1
- version/juniper junos/19.1-r1-s2
- version/juniper junos/19.1-r1-s3
- version/juniper junos/19.1-r1-s4
- version/juniper junos/19.1-r2
- version/juniper junos/19.1-r2-s1
- version/juniper junos/19.1-r3
- version/juniper junos/19.1-r3-s1
- version/juniper junos/19.2
- version/juniper junos/19.2-r1
- version/juniper junos/19.2-r1-s1
- version/juniper junos/19.2-r1-s2
- version/juniper junos/19.2-r1-s3
- version/juniper junos/19.2-r1-s4
- version/juniper junos/19.2-r2