CVE-2020-1626

EPSS 0.47%
Published 08.04.2020 20:15:13
Last modified 21.11.2024 05:11:01
Source sirt@juniper.net
Teams watchlist Login
Open Login

A vulnerability in Juniper Networks Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a pfemand process crash. The pfemand process is responsible for packet forwarding on the device. By continuously sending the packet flood, an attacker can repeatedly crash the pfemand process causing a sustained Denial of Service. This issue can only be triggered by traffic sent to the device. Transit traffic does not cause this issue. This issue affects all version of Junos OS Evolved prior to 19.1R1-EVO.

Affected products Warnungen 0 Metrics 4 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Os Evolved Version18.3 Updater1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.47%	0.616

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

https://kb.juniper.net/JSA11005

Vendor Advisory

https://tools.ietf.org/html/rfc6192

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-1626

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-1626

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-1626

EUVD