Main Vulnerability Database Vulnerabilities #VU82433

#VU82433 Memory leak in Juniper Junos OS - CVE-2020-1603

Published: January 3, 2020 / Updated: October 26, 2023

Vulnerability identifier: #VU82433

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-1603

CWE-ID: CWE-401

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to a crash the entire system.

Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE.

Remediation

Install updates from vendor's website.

External links

https://supportportal.juniper.net/s/article/2020-01-Security-Bulletin-Junos-OS-Improper-handling-of-specific-IPv6-packets-sent-by-clients-eventually-kernel-crash-vmcore-the-device-CVE-2020-1603

#VU82433 Memory leak in Juniper Junos OS - CVE-2020-1603

Description

Remediation

External links

Please verify you're human