HIGH🇵🇱 Wersja polska

CVE-2020-1613

CVSS 8.6v3.1pub. 2020-04-08upd. 2024-11-21

A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that originally sent the specific BGP FlowSpec advertisement. This specific BGP FlowSpec advertisement received from a BGP peer might get propagated from a Junos OS device running the fixed release to another device that is vulnerable causing BGP session termination downstream. This issue affects IPv4 and IPv6 BGP FlowSpec deployment. This issue affects Juniper Networks Junos OS: 12.3; 12.3X48 on SRX Series; 14.1X53 on EX and QFX Series; 15.1 versions prior to 15.1R7-S5; 15.1F versions prior to 15.1F6-S13; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D497 on NFX Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400; 16.1 versions prior to 16.1R7-S7; 17.1 versions prior to 17.1R2-S12, 17.1R3; 17.2 versions prior to 17.2R2-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110, 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R1-S8, 17.4R2; 18.1 versions prior to 18.1R2-S4, 18.1R3; 18.2X75 versions prior to 18.2X75-D20.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Juniper Ex2300

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex2300 C

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex3400

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex4300

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex4600

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex4650

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex9200

    HW
    Juniper
    wszystkie wersje
  • Juniper Ex9250

    HW
    Juniper
    wszystkie wersje
  • Juniper Junos

    OS
    Juniper
    12.312.3x4814.1x5315.115.1x4915.1x5315.1x53-d5015.1x53-d5115.1x53-d5215.1x53-d5515.1x53-d5715.1x53-d5815.1x53-d5916.117.1+ 7 więcej
  • Juniper Nfx150

    HW
    Juniper
    wszystkie wersje
  • Juniper Nfx250

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx10002

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx10008

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx10016

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3000 G

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3000 M

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3008 I

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3100

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3500

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3600

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx3600 I

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx5100

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx5110

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx5200

    HW
    Juniper
    wszystkie wersje
  • Juniper Qfx5210

    HW
    Juniper
    wszystkie wersje
  • Juniper Srx100

    HW
    Juniper
    wszystkie wersje
  • Juniper Srx110

    HW
    Juniper
    wszystkie wersje
  • Juniper Srx1400

    HW
    Juniper
    wszystkie wersje
  • Juniper Srx1500

    HW
    Juniper
    wszystkie wersje
  • Juniper Srx210

    HW
    Juniper
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-36845CRITICAL9.8⚠ KEVten sam produkt

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SR...

CVE-2024-21591CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds Write w J-Web Juniper Junos OS — RCE z uprawnieniami root

CVE-2021-0248CRITICAL10.0ten sam produkt

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials ...

CVE-2021-0254CRITICAL9.8ten sam produkt

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unaut...

CVE-2021-0211CRITICAL10.0ten sam produkt

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...