SECURITY ALERTS

Multiple Vulnerabilities (CVE-2020-1647 and CVE-2020-1654) in Junos OS

DESCRIPTION:

Two critical vulnerabilities have been discovered in Junos OS. Both affect Juniper Networks SRX Series devices with the ICAP (Internet Content Adaptation Protocol) redirect service enabled. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS) or Remote Code Execution (RCE) when the device processes a specific HTTP message.

AFFECTED RELEASES:

Juniper Networks SRX Series devices with the ICAP redirect service enabled are affected by these vulnerabilities when running the following Junos OS releases:

CVE-2020-1647:

18.1 versions prior to 18.1R3-S9

18.2 versions prior to 18.2R3-S3

18.3 versions prior to 18.3R2-S4, 18.3R3-S1

18.4 versions prior to 18.4R2-S5, 18.4R3

19.1 versions prior to 19.1R2

19.2 versions prior to 19.2R1-S2, 19.2R2

19.3 versions prior to 19.3R2

CVE-2020-1654:

18.1 versions prior to 18.1R3-S9

18.2 versions prior to 18.2R2-S7, 18.2R3-S3

18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1

18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3

19.1 versions prior to 19.1R1-S5, 19.1R2

19.2 versions prior to 19.2R1-S2, 19.2R2

19.3 versions prior to 19.3R2
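
An added example (not from Juniper or the original alert): a Python check that compares a device's Junos OS version against the fixed releases listed above, for each CVE separately. It assumes a version is fixed when it is on the same R branch as a listed fix at an equal or higher S level, or on a later R release than any listed fix; release trains the alert does not list are reported as not-listed. The function names and the sample versions are constructed for illustration.

```python
import re

# Fixed releases per release train, copied from the AFFECTED RELEASES lists above.
FIXED = {
    "CVE-2020-1647": {
        "18.1": ["18.1R3-S9"], "18.2": ["18.2R3-S3"],
        "18.3": ["18.3R2-S4", "18.3R3-S1"], "18.4": ["18.4R2-S5", "18.4R3"],
        "19.1": ["19.1R2"], "19.2": ["19.2R1-S2", "19.2R2"], "19.3": ["19.3R2"],
    },
    "CVE-2020-1654": {
        "18.1": ["18.1R3-S9"], "18.2": ["18.2R2-S7", "18.2R3-S3"],
        "18.3": ["18.3R1-S7", "18.3R2-S4", "18.3R3-S1"],
        "18.4": ["18.4R1-S7", "18.4R2-S4", "18.4R3"],
        "19.1": ["19.1R1-S5", "19.1R2"], "19.2": ["19.2R1-S2", "19.2R2"],
        "19.3": ["19.3R2"],
    },
}

_VERSION = re.compile(r"^(\d+\.\d+)R(\d+)(?:-S(\d+))?$")

def parse(version):
    """Split '18.3R2-S4' into (train '18.3', release 2, service release 4)."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return m.group(1), int(m.group(2)), int(m.group(3) or 0)

def status(cve, version):
    """Return 'affected', 'fixed' or 'not-listed' for one CVE and version."""
    train, rel, svc = parse(version)
    fixes = FIXED[cve].get(train)
    if fixes is None:
        return "not-listed"      # the alert says nothing about this train
    fixed_at = {r: s for _, r, s in map(parse, fixes)}
    if rel > max(fixed_at):      # assumption: later R than any listed fix
        return "fixed"
    if rel in fixed_at and svc >= fixed_at[rel]:
        return "fixed"           # same R branch, at or past the fixed S level
    return "affected"

def report(version):
    """Status of one device version against both CVEs."""
    return {cve: status(cve, version) for cve in FIXED}

if __name__ == "__main__":
    # Constructed inventory; replace with versions collected from your devices.
    for v in ["18.4R2-S4", "18.3R3", "19.3R2", "17.4R1"]:
        print(v, report(v))
```

The 18.4R2-S4 case shows why each CVE needs its own check: that release is listed as fixed for CVE-2020-1654 but is still prior to 18.4R2-S5 for CVE-2020-1647.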

SOLUTION:

Juniper has released updated versions that address these issues. Users and system administrators of affected products are advised to apply the security updates immediately from the following URL:

https://support.juniper.net/support/downloads/

REFERENCE:

1. https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034

2. https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11031