Home

CVE-2020-1608

Description

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms. This issue affects MX Series running Juniper Networks Junos OS: 17.2 versions starting from17.2R2-S6, 17.2R3 and later releases, prior to 17.2R3-S3; 17.3 versions starting from 17.3R2-S4, 17.3R3-S2 and later releases, prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions starting from 17.4R2 and later releases, prior to 17.4R2-S7,17.4R3; 18.1 versions starting from 18.1R2-S3, 18.1R3 and later releases, prior to 18.1R3-S6; 18.2 versions starting from18.2R1-S1, 18.2R2 and later releases, prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R2-S6.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.552

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are fixed in junos 17.2R3-S3NCM
Vulnerabilities CVE-2020-1604,CVE-2020-1607,CVE-2020-1608,CVE-2020-1641 are fixed in junos 17.3r2-s5NCM
Vulnerabilities CVE-2020-1602,CVE-2020-1605,CVE-2020-1608,CVE-2020-1609 are fixed in junos 17.4R2-S7NCM
Vulnerabilities CVE-2019-0052,CVE-2019-0063,CVE-2019-0068,CVE-2020-1608 are fixed in junos 18.1r3-s6NCM
Multiple Vulnerabilities are fixed in junos 18.2R3-S2NCM
Multiple Vulnerabilities are fixed in junos 18.3R3NCM
Multiple Vulnerabilities are fixed in junos 18.4R2NCM
Multiple Vulnerabilities are fixed in junos 19.1R1-S3NCM
Vulnerabilities CVE-2020-1603,CVE-2020-1608,CVE-2020-1647,CVE-2020-1654 are fixed in junos 19.2r1-s2NCM
CVE-2020-1608NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234