CVE-2020-1689— Juniper Networks Junos OS EX/QFX 资源管理错误漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2020-1689の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames when deployed in a Virtual Chassis configuration
ソース: NVD (National Vulnerability Database)
脆弱性説明
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone configuration. The offending layer 2 frame packets can originate only from within the broadcast domain where the device is connected. This issue affects Juniper Networks Junos OS on EX4300-MP Series, EX4600 Series and QFX5K Series: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S3, 20.1R2.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
未加控制的资源消耗(资源穷尽)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Juniper Networks Junos OS EX/QFX 资源管理错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Juniper Networks Junos OS EX/QFX是美国瞻博网络(Juniper Networks)公司的一款交换机。该产品为接入交换机的任意两个网络节点提供独享的电信号通路。 Junos OS EX/QFX 存在安全漏洞,攻击者可利用该漏洞通过via Virtual Chassis触发过载,以触发拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Juniper Networks | Junos OS | 17.3 ~ 17.3R3-S9 | - |
II. CVE-2020-1689の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2020-1689のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2020-10-16 · 30 CVEs total
| CVE-2020-1656 | 8.8 HIGH | Junos OS: When a DHCPv6 Relay-Agent is configured upon receipt of a specific DHCPv6 client |
| CVE-2020-1673 | 8.8 HIGH | Junos OS: Reflected Cross-site Scripting vulnerability in J-Web and web based (HTTP/HTTPS) |
| CVE-2020-1660 | 8.3 HIGH | Junos OS: MX Series: Receipt of specific packets can cause services card to restart when D |
| CVE-2020-1667 | 8.3 HIGH | Junos OS: MX Series: Services card might restart due to a race condition when DNS filterin |
| CVE-2020-1675 | 8.3 HIGH | Juniper Networks Mist Cloud UI: SAML authentication certificate vulnerability. |
| CVE-2020-1664 | 7.8 HIGH | Junos OS: Buffer overflow vulnerability in device control daemon |
| CVE-2020-1657 | 7.5 HIGH | Junos OS: SRX Series: An attacker sending spoofed packets to IPSec peers may cause a Denia |
| CVE-2020-1686 | 7.5 HIGH | Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet. |
| CVE-2020-1684 | 7.5 HIGH | Junos OS: SRX Series: High CPU load due to processing for HTTP traffic when Application Id |
| CVE-2020-1683 | 7.5 HIGH | Junos OS: Memory leak leads to kernel crash (vmcore) due to SNMP polling |
| CVE-2020-1679 | 7.5 HIGH | Junos OS: PTX/QFX Series: Kernel Routing Table (KRT) queue stuck after packet sampling a m |
| CVE-2020-1672 | 7.5 HIGH | Junos OS: jdhcpd process crash when processing a specific DHCPDv6 packet in DHCPv6 relay c |
| CVE-2020-1671 | 7.5 HIGH | Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash. |
| CVE-2020-1662 | 7.5 HIGH | Junos OS and Junos OS Evolved: RPD crash due to BGP session flapping. |
| CVE-2020-1676 | 7.2 HIGH | Juniper Networks Mist Cloud UI: SAML authentication response handling vulnerability. |
| CVE-2020-1677 | 7.2 HIGH | Juniper Networks Mist Cloud UI: SAML authentication attribute elements handling vulnerabil |
| CVE-2020-1666 | 6.6 MEDIUM | Junos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console ca |
| CVE-2020-1670 | 6.5 MEDIUM | Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets |
| CVE-2020-1688 | 6.5 MEDIUM | Junos OS: SRX and NFX Series: Insufficient Web API private key protection |
| CVE-2020-1687 | 6.5 MEDIUM | Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 |
Showing 20 of 30 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Junos OS
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33781
Junos OS: EX Series, QFX Series: In a VXLAN scenario when sp
同じベンダー: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
同じ弱点: CWE-400
- CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-42343
FastGPT: Uncontrolled Resource Consumption leading to Sandbo - CVE-2026-42212
SolidCAM-GPPL-IDE: XML External Entity (XXE) and billion-lau - CVE-2026-32686
Unbounded exponent in decimal enables unauthenticated DoS - CVE-2026-20188
Cisco Crosswork Network Controller and Cisco Network Service
V. CVE-2020-1689へのコメント
まだコメントはありません