When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation, generating the following error messages: [LOG: Err] MQSS(0): WO: Packet Error - Error Packets 1, Connection 29 [LOG: Err] eachip_hmcif_rx_intr_handler(7259): EA[0:0]: HMCIF Rx: Injected checksum error detected on WO response - Chunk Address 0x0 [LOG: Err] MQSS(0): DRD: RORD1: CMD reorder ID error - Command 11, Reorder ID 1838, QID 0 [LOG: Err] MQSS(0): DRD: UNROLL0: HMC chunk length error in stage 5 - Chunk Address: 0x4321f3 [LOG: Err] MQSS(0): DRD: UNROLL0: HMC chunk address error in stage 5 - Chunk Address: 0x0 [LOG: Notice] Error: /fpc/8/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc), scope: pfe, category: functional, severity: major, module: MQSS(0), type: DRD_RORD_ENG_INT: CMD FSM State Error [LOG: Notice] Performing action cmalarm for error /fpc/8/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(0) with scope: pfe category: functional level: major [LOG: Notice] Performing action get-state for error /fpc/8/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(0) with scope: pfe category: functional level: major [LOG: Notice] Performing action disable-pfe for error /fpc/8/pfe/0/cm/0/MQSS(0)/0/MQSS_CMERROR_DRD_RORD_ENG_INT_REG_CMD_FSM_STATE_ERR (0x2203cc) in module: MQSS(0) with scope: pfe category: functional level: major By continuously sending fragmented packets that cannot be reassembled, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue affects Juniper Networks Junos OS: 17.2 versions prior to 17.2R3-S4 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S10, 17.4R3-S2 on MX Series; 18.1 versions prior to 18.1R3-S10 on MX Series; 18.2 versions prior to 18.2R3-S3 on MX Series; 18.2X75 versions prior to 18.2X75-D41, 18.2X75-D430, 18.2X75-D65 on MX Series; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1 on MX Series; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3 on MX Series; 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on MX Series; 19.2 versions prior to 19.2R1-S4, 19.2R2 on MX Series; 19.3 versions prior to 19.3R2-S2, 19.3R3 on MX Series. This issue is specific to inline IP reassembly, introduced in Junos OS 17.2. Versions of Junos OS prior to 17.2 are unaffected by this vulnerability.
This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.3, indicating it can be exploited remotely over the network with relatively low complexity without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts and limited availability for affected systems. Impacting 16 products from juniper, from juniper, from juniper and 13 others, organizations running these solutions should prioritize assessment and patching.
Reported in 2020, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.
2020-07-17T19:15:14.093
2024-11-21T05:11:05.850
Modified
CVSSv3.1: 5.3 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.2 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.3 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 17.4 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.1 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2 | Yes |
| Operating System | juniper | junos | 18.2x75 | Yes |
| Operating System | juniper | junos | 18.2x75 | Yes |
| Operating System | juniper | junos | 18.2x75 | Yes |
| Operating System | juniper | junos | 18.2x75 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.3 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 18.4 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.1 | Yes |
| Operating System | juniper | junos | 19.2 | Yes |
| Operating System | juniper | junos | 19.2 | Yes |
| Operating System | juniper | junos | 19.2 | Yes |
| Operating System | juniper | junos | 19.2 | Yes |
| Operating System | juniper | junos | 19.2 | Yes |
| Operating System | juniper | junos | 19.3 | Yes |
| Operating System | juniper | junos | 19.3 | Yes |
| Operating System | juniper | junos | 19.3 | Yes |
| Operating System | juniper | junos | 19.3 | Yes |
| Operating System | juniper | junos | 19.3 | Yes |
| Hardware | juniper | mx10 | - | No |
| Hardware | juniper | mx10000 | - | No |
| Hardware | juniper | mx10003 | - | No |
| Hardware | juniper | mx104 | - | No |
| Hardware | juniper | mx150 | - | No |
| Hardware | juniper | mx2008 | - | No |
| Hardware | juniper | mx2010 | - | No |
| Hardware | juniper | mx2020 | - | No |
| Hardware | juniper | mx204 | - | No |
| Hardware | juniper | mx240 | - | No |
| Hardware | juniper | mx40 | - | No |
| Hardware | juniper | mx480 | - | No |
| Hardware | juniper | mx5 | - | No |
| Hardware | juniper | mx80 | - | No |
| Hardware | juniper | mx960 | - | No |
SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For juniper's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.