Published: 16/10/2020 Updated: 26/10/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscriber session. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of the malformed DHCP packet will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. This issue can be triggered only by DHCPv4, it cannot be triggered by DHCPv6. This issue affects Juniper Networks Junos OS: 12.3 versions before 12.3R12-S16; 12.3X48 versions before 12.3X48-D105 on SRX Series; 14.1X53 versions before 14.1X53-D60 on EX and QFX Series; 15.1 versions before 15.1R7-S7; 15.1X49 versions before 15.1X49-D221, 15.1X49-D230 on SRX Series; 15.1X53 versions before 15.1X53-D593 on EX2300/EX3400; 16.1 versions before 16.1R7-S5.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 12.3
juniper junos 15.1
juniper junos 16.1
juniper junos 12.3x48
juniper junos 15.1x49
juniper junos 15.1x53
juniper junos 14.1x53

NVD-CWE-noinfo https://kb.juniper.net/JSA11056 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-1661

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect