Home

CVE-2020-1645

Description

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing URL Filtering service, may crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. If the issue occurs, system core-dumps output will show a crash of mspmand process: root@device> show system core-dumps -rw-rw---- 1 nobody wheel 575685123 /var/tmp/pics/mspmand.core.<*>.gz This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 18.3 versions prior to 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2. This issue does not affect Juniper Networks Junos OS releases prior to 17.3R2.

Risk Information

Base Score
8.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.27

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are fixed in junos 18.3R2-S4NCM
Multiple Vulnerabilities are fixed in junos 18.4R2-S5NCM
Multiple Vulnerabilities are fixed in junos 19.1R2-S2NCM
Multiple Vulnerabilities are fixed in junos 19.2R1-S5NCM
Vulnerabilities CVE-2020-1640,CVE-2020-1645,CVE-2020-1653,CVE-2021-0273 are fixed in junos 19.3R2-S3NCM
Vulnerabilities CVE-2020-1645,CVE-2021-0258,CVE-2021-0267,CVE-2021-0268 are fixed in junos 19.4R1-S3NCM
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2020-1645)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234