Products

Solutions

Company

Book A Live Demo

CVE-2020-1628 : Security Advisory and Response

Discover details of CVE-2020-1628, an information exposure vulnerability in Juniper Networks Junos OS affecting EX4300. Learn about impacted versions, mitigation steps, and more.

Juniper Networks Junos OS may expose configuration information due to an internal communication vulnerability on EX4300 devices.

Understanding CVE-2020-1628

This CVE involves an information exposure vulnerability in Juniper Networks Junos OS affecting EX4300 switches.

What is CVE-2020-1628?

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communication between Routing Engines (RE) and Packet Forwarding Engines (PFEs). The vulnerability allows packets using these IP addresses to leak configuration details like heartbeats and kernel versions from the EX4300 switch to the internet.

The Impact of CVE-2020-1628

CVSS Base Score: 5.3 (Medium Severity)

Attack Vector: Network

Attack Complexity: Low

Confidentiality Impact: Low

Integrity Impact: None

Availability Impact: None

Technical Details of CVE-2020-1628

This section provides insights into the vulnerability specifics.

Vulnerability Description

The vulnerability arises from internal communications using the 128.0.0.0/2 subnet, allowing leakage of sensitive information from EX4300 switches.

Affected Systems and Versions

The following Junos OS versions on EX4300 devices are impacted:

14.1X53 prior to 14.1X53-D53

15.1 prior to 15.1R7-S6

15.1X49 prior to 15.1X49-D200, 15.1X49-D210

16.1 prior to 16.1R7-S7

And more up to 19.3

Exploitation Mechanism

No known malicious exploits have been reported by Juniper SIRT for this vulnerability.

Mitigation and Prevention

A detailed look at steps to mitigate and prevent the issue.

Immediate Steps to Take

Update to the latest software releases mentioned in the solution section

Implement firewall filters to discard packets from the internal network

Consider disabling net.transit_re sysctl flag for additional protection

Long-Term Security Practices

Regularly monitor and update Junos OS versions

Restrict network access and implement least privilege access controls

Patching and Updates

Ensure you apply the provided software releases and subsequent updates to resolve the vulnerability.

CVE-2020-1628 : Security Advisory and Response

Understanding CVE-2020-1628

What is CVE-2020-1628?

The Impact of CVE-2020-1628

Technical Details of CVE-2020-1628

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2020-1628 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2020-1628

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2020-1628?

The Impact of CVE-2020-1628

Technical Details of CVE-2020-1628

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2020-1628

What is CVE-2020-1628?

Is your System Free of Underlying Vulnerabilities?
Find Out Now