admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/1xxx/CVE-2020-1602.json
CVE Team 8a71b1a0fd
"-Synchronized-Data."
2020-01-15 09:01:17 +00:00

235 lines
11 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2020-01-08T17:00:00.000Z",
"ID": "CVE-2020-1602",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: A vulnerability in JDHCPD allows an attacker to send crafted IPv4 packets may take over the code execution of the JDHCPD process."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S6"
},
{
"version_affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D200"
},
{
"version_affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D592"
},
{
"version_affected": "<",
"version_name": "16.1",
"version_value": "16.1R7-S6"
},
{
"version_affected": "<",
"version_name": "16.2",
"version_value": "16.2R2-S11"
},
{
"version_affected": "<",
"version_name": "17.1",
"version_value": "17.1R2-S11, 17.1R3-S1"
},
{
"version_affected": "<",
"version_name": "17.2",
"version_value": "17.2R2-S8, 17.2R3-S3"
},
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S6"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S7, 17.4R3"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S8"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S2"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R1-S6, 18.3R2-S2, 18.3R3"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S5, 18.4R2-S3, 18.4R3"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R1-S3, 19.1R2"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S3, 19.2R2"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R1, 19.3R2"
},
{
"version_affected": "<",
"version_name": "18.2X75",
"version_value": "18.2X75-D60"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"platform": "Junos Evolved",
"version_affected": "<",
"version_value": "19.3R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is required: \n [forwarding-options dhcp-relay]"
}
],
"credit": [
{
"lang": "eng",
"value": "Longfei Fan from Codesafe Team of Legendsec at Qi'anxin Group"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. This issue affect IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Execution of Process"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10981",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10981"
},
{
"name": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449353",
"refsource": "MISC",
"url": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449353"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 15.1R7-S6, 15.1X49-D200, 15.1X53-D592, 16.1R7-S6, 16.2R2-S11, 17.1R2-S11, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S6, 17.4R2-S7, 17.4R3, 18.1R3-S8, 18.2R3-S2, 18.2X75-D60, 18.3R1-S6, 18.3R2-S2, 18.3R3, 18.4R1-S5, 18.4R2-S3, 18.4R3, 19.1R1-S3, 19.1R2, 19.2R1-S3, 19.2R2*, 19.3R1, and all subsequent releases.\n\nJunos OS Evolved: 19.3R1, and all subsequent releases.\n\n*pending publication"
}
],
"source": {
"advisory": "JSA10981",
"defect": [
"1449353"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "If JDHCPD is not needed then disable the service in the device configuration. \nThere are no other viable workarounds for this issue."
}
]
}
Reference in New Issue View Git Blame Copy Permalink