Vulnerability Details : CVE-2020-1626
A vulnerability in Juniper Networks Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a pfemand process crash. The pfemand process is responsible for packet forwarding on the device. By continuously sending the packet flood, an attacker can repeatedly crash the pfemand process causing a sustained Denial of Service. This issue can only be triggered by traffic sent to the device. Transit traffic does not cause this issue. This issue affects all version of Junos OS Evolved prior to 19.1R1-EVO.
Vulnerability category: Denial of service
Products affected by CVE-2020-1626
- cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-1626
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 45 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-1626
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Juniper Networks, Inc. |
References for CVE-2020-1626
-
https://kb.juniper.net/JSA11005
2020-04 Security Bulletin: Junos OS Evolved: Denial of Service vulnerability in processing high rate of specific packets (CVE-2020-1626) - Juniper NetworksVendor Advisory
-
https://tools.ietf.org/html/rfc6192
RFC 6192 - Protecting the Router Control PlaneThird Party Advisory
Jump to