VAR-202010-0405

Vulnerability from variot - Updated: 2024-08-14 13:24

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a vulnerability. Notes: The fix resolved an issue when MACsec replay-protect was enabled and the replay-protect-window value was set to zero, Junos OS was incorrectly configuring the value to MAX_WINDOW size. Hence this is not a vulnerability and this CVE ID assignment has been withdrawn.

The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Junos OS that an attacker can exploit to obtain sensitive information by bypassing MACsec delay protection to bypass access restrictions on data. Juniper Networks Junos OS and Junos OS Evolved fail to drop/discard delayed MACsec packets (e.g. delayed by more than 2 seconds). Per the specification, called the "bounded receive delay", there should be no replies to delayed MACsec packets. Any MACsec traffic delayed more than 2 seconds should be dropped and late drop counters should increment. Without MACsec delay protection, an attacker could exploit the delay to spoof or decrypt packets.

This issue affects: Juniper Networks Junos OS: 16.1 versions before 16.1R7-S8; 17.2 versions before 17.2R3-S4; 17.3 versions before 17.3R3-S8, 17.3R3-S9; 17.4 versions before 17.4R2-S11, 17.4R3-S2; 18.1 versions before 18.1R3-S11; 18.2 versions before 18.2R3-S5; 18.3 versions before 18.3R2-S4, 18.3R3-S3; 18.4 versions before 18.4R1-S7, 18.4R2-S5, 18.4R3-S3; 19.1 versions before 19.1R3-S2; 19.2 versions before 19.2R1-S5, 19.2R3; 19.3 versions before 19.3R2-S3, 19.3R3; 19.4 versions before 19.4R1-S2, 19.4R2-S1, 19.4R3; 20.1 versions before 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: all versions before 19.4R3-EVO; 20.1 versions before 20.1R2-EVO. This issue does not affect Junos OS versions before 16.1R1.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0405",
  "cve": "CVE-2020-1674",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "VHN-169848",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "CVE-2020-1674",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNNVD",
            "id": "CNNVD-202010-676",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-169848",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-1674",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a vulnerability. Notes: The fix resolved an issue when MACsec replay-protect was enabled and the replay-protect-window value was set to zero, Junos OS was incorrectly configuring the value to MAX_WINDOW size. Hence this is not a vulnerability and this CVE ID assignment has been withdrawn. The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Junos OS that an attacker can exploit to obtain sensitive information by bypassing MACsec delay protection to bypass access restrictions on data. Juniper Networks Junos OS and Junos OS Evolved fail to drop/discard delayed MACsec packets (e.g. delayed by more than 2 seconds). Per the specification, called the \"bounded receive delay\", there should be no replies to delayed MACsec packets. Any MACsec traffic delayed more than 2 seconds should be dropped and late drop counters should increment. Without MACsec delay protection, an attacker could exploit the delay to spoof or decrypt packets. This issue affects: Juniper Networks Junos OS: 16.1 versions before 16.1R7-S8; 17.2 versions before 17.2R3-S4; 17.3 versions before 17.3R3-S8, 17.3R3-S9; 17.4 versions before 17.4R2-S11, 17.4R3-S2; 18.1 versions before 18.1R3-S11; 18.2 versions before 18.2R3-S5; 18.3 versions before 18.3R2-S4, 18.3R3-S3; 18.4 versions before 18.4R1-S7, 18.4R2-S5, 18.4R3-S3; 19.1 versions before 19.1R3-S2; 19.2 versions before 19.2R1-S5, 19.2R3; 19.3 versions before 19.3R2-S3, 19.3R3; 19.4 versions before 19.4R1-S2, 19.4R2-S1, 19.4R3; 20.1 versions before 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: all versions before 19.4R3-EVO; 20.1 versions before 20.1R2-EVO. This issue does not affect Junos OS versions before 16.1R1",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-1674"
      },
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674"
      }
    ],
    "trust": 1.08
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-1674",
        "trust": 1.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA11071",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.3751",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-169848",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-1674"
      }
    ]
  },
  "id": "VAR-202010-0405",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T13:24:11.673000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Juniper Networks Junos OS Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=130748"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 0.8,
        "url": "https://kb.juniper.net/jsa11071"
      },
      {
        "trust": 0.8,
        "url": "https://ieeexplore.ieee.org/document/1678345"
      },
      {
        "trust": 0.8,
        "url": "https://www.juniper.net/documentation/en_us/junos/topics/concept/macsec.html"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1674"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/junos-os-information-disclosure-via-macsec-delay-protection-bypass-33591"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.3751/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189880"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-1674"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "date": "2020-10-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "date": "2020-10-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      },
      {
        "date": "2020-10-16T21:15:13.317000",
        "db": "NVD",
        "id": "CVE-2020-1674"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-01-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-169848"
      },
      {
        "date": "2021-01-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-1674"
      },
      {
        "date": "2021-01-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      },
      {
        "date": "2023-11-07T03:19:26.350000",
        "db": "NVD",
        "id": "CVE-2020-1674"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks Junos OS Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202010-676"
      }
    ],
    "trust": 0.6
  }
}

