Vulnerability Description
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4 and IPv6. This issue affects: Juniper Networks Junos OS 12.3X48 version 12.3X48-D80 and later versions prior to 12.3X48-D95 on High-End SRX Series. This issue does not affect Branch SRX Series devices.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.3x48 |
| Juniper | Srx1500 | - |
| Juniper | Srx300 | - |
| Juniper | Srx4100 | - |
| Juniper | Srx4200 | - |
| Juniper | Srx4600 | - |
| Juniper | Srx5400 | - |
| Juniper | Srx550 | - |
| Juniper | Srx5600 | - |
| Juniper | Srx5800 | - |
Related Weaknesses (CWE)
References
- https://kb.juniper.net/JSA11014Vendor Advisory
- https://kb.juniper.net/JSA11014Vendor Advisory
FAQ
What is CVE-2020-1634?
CVE-2020-1634 is a vulnerability with a CVSS score of 7.5 (HIGH). On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in...
How severe is CVE-2020-1634?
CVE-2020-1634 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1634?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx1500, Juniper Srx300, Juniper Srx4100, Juniper Srx4200.