Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1602

When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. This issue affect IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode.

Published

2020-01-15T09:15:12.000

Last Modified

2024-11-21T05:10:56.373

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.1 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

6.5

Impact Score

10.0

Weaknesses

Type: Secondary
CWE-416
Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.1	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	16.2	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.1	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.2	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.3	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	17.4	Yes
Operating System	juniper	junos	18.1	Yes
Operating System	juniper	junos	18.1	Yes
Operating System	juniper	junos	18.1	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2	Yes
Operating System	juniper	junos	18.2x75	Yes
Operating System	juniper	junos	18.2x75	Yes
Operating System	juniper	junos	18.2x75	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes

References

https://kb.juniper.net/JSA10981 Vendor Advisory ([email protected])
https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449353 Permissions Required ([email protected])
https://kb.juniper.net/JSA10981 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449353 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)