mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
174 lines
8.0 KiB
JSON
174 lines
8.0 KiB
JSON
{
|
|
"id": "CVE-2020-1678",
|
|
"sourceIdentifier": "sirt@juniper.net",
|
|
"published": "2020-10-16T21:15:13.630",
|
|
"lastModified": "2021-10-25T15:20:20.607",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the \"show task memory detail | match policy | match evpn\" command multiple times to check if memory (Alloc Blocks value) is increasing. root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 3330678 79936272 3330678 79936272 root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 36620255 878886120 36620255 878886120 This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2; 20.1 versions prior to 20.1R1-S4, 20.1R2; Juniper Networks Junos OS Evolved: 19.4 versions; 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 versions prior to 20.2R1-EVO; This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En las plataformas Juniper Networks Junos OS y Junos OS Evolved con EVPN configurado, la recepci\u00f3n de paquetes BGP espec\u00edficos causa un filtrado de la memoria lento. Si se agota la memoria, el proceso rpd podr\u00eda bloquearse. Si ocurre el problema, el filtrado de la memoria puede ser visualizado ejecutando el comando \"show task memory detail | match policy | match evpn\" varias veces para comprobar si la memoria (valor de Alloc Blocks) est\u00e1 aumentando. root@device) show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 3330678 79936272 3330678 79936272 root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 36620255 878886120 36620255 878886120. Este problema afecta a: Juniper Networks Junos OS versiones 19.4 anteriores a 19.4R2; versiones 20.1 anteriores a 20.1R1-S4, 20.1R2; Juniper Networks Junos OS Evolved: versiones 19.4; versiones 20.1 anteriores a 20.1R1-S4-EVO, 20.1R2-EVO; versiones 20.2 anteriores a 20.2R1-EVO; Este problema no afecta: Juniper Networks Junos OS versiones anteriores a 19.4R1. Juniper Networks Junos OS Evolved versiones anteriores a 19.4R1-EVO"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "sirt@juniper.net",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "ADJACENT_NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 2.9
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 5.5,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-401"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "sirt@juniper.net",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2B14CED1-BEAF-4343-A05D-FB1E2B6AC955"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ABB91C38-8C70-436A-83DB-42B8DF81D7D8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AED25FB6-E3FA-4543-90B2-50068D683D50"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "487A82C9-7B7E-4ACA-BABF-65B8504079AD"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://kb.juniper.net/JSA11075",
|
|
"source": "sirt@juniper.net",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |