CVE-2020-1645 : What You Need to Know

This CVE-2020-1645 article provides detailed information about a vulnerability in Juniper Networks Junos MX Series that might cause services card restarts when DNS filtering is enabled.

Understanding CVE-2020-1645

This section delves into the specifics of the CVE-2020-1645 vulnerability.

What is CVE-2020-1645?

CVE-2020-1645 is a vulnerability in Juniper Networks Junos MX Series, potentially leading to services card restarts when DNS filtering is activated.

The Impact of CVE-2020-1645

The vulnerability could crash the Multiservices PIC Management Daemon (mspmand) process, causing the Services PIC to restart and bypassing PIC services until the reboot is completed.

Technical Details of CVE-2020-1645

This section highlights technical details of the CVE-2020-1645 vulnerability.

Vulnerability Description

The issue arises when DNS filtering is enabled on the Junos MX Series, leading to potential crashes of the mspmand process and subsequent service disruptions.

Affected Systems and Versions

Affected versions: 17.3R2 to 17.3R3-S8, 18.3 to 18.3R2-S4, 18.3R3-S1, 18.4 to 18.4R2-S5, 18.4R3, 19.1 to 19.1R2-S2, 19.1R3, 19.2 to 19.2R1-S5, 19.2R2, 19.3 to 19.3R2-S3, 19.3R3, 19.4 to 19.4R1-S3, 19.4R2.

Exploitation Mechanism

Attack Complexity: Low
Attack Vector: Network
Privileges Required: None
CVSS Base Score: 8.3 (High)

Mitigation and Prevention

Learn about the steps to address and prevent exploitation of CVE-2020-1645.

Immediate Steps to Take

Update the software to versions resolving the issue.

Long-Term Security Practices

Regularly update Junos OS to the latest releases to mitigate vulnerabilities.
Employ network security measures to prevent unauthorized access.

Patching and Updates

Update to software versions including 18.3R2-S4, 18.3R3-S1, 18.4R2-S5, 18.4R3, 19.1R2-S2, 19.1R3, 19.2R1-S5, 19.2R2, 19.3R2-S3, 19.3R3, 19.4R1-S3, 19.4R2, 20.1R1, or subsequent releases.