Home

CVE-2020-1667

Description

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspmand process, responsible for managing URL Filtering service, can crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R3; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R3. This issue does not affect Juniper Networks Junos OS 17.4, 18.1, and 18.2.

Risk Information

Base Score
8.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.311

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are fixed in junos 17.3R3-S8NCM
Multiple Vulnerabilities are fixed in junos 18.3R3-S1NCM
Multiple Vulnerabilities are fixed in junos 18.4R3NCM
Multiple Vulnerabilities are fixed in junos 19.1R3NCM
Multiple Vulnerabilities are fixed in junos 19.2R2NCM
Vulnerabilities CVE-2020-1660,CVE-2020-1667,CVE-2021-0251 are fixed in junos 19.3R3.NCM
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2020-1667)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234