CVE-2020-1674

Severity

54%

Complexity

27%

Confidentiality

41%

Juniper Networks Junos OS and Junos OS Evolved fail to drop/discard delayed MACsec packets (e.g. delayed by more than 2 seconds). Per the specification, called the "bounded receive delay", there should be no replies to delayed MACsec packets. Any MACsec traffic delayed more than 2 seconds should be dropped and late drop counters should increment. Without MACsec delay protection, an attacker could exploit the delay to spoof or decrypt packets. This issue affects: Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8, 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S3; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S2, 20.1R2. Juniper Networks Junos OS Evolved: all versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R2-EVO. This issue does not affect Junos OS versions prior to 16.1R1.

CVSS 3.1 Base Score 5.4. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).

CVSS 2.0 Base Score 4.8. CVSS Attack Vector: adjacent_network. CVSS Attack Complexity: low. CVSS Vector: (AV:A/AC:L/Au:N/C:P/I:P/A:N).

Overview

Type

Juniper

First reported 4 years ago

2020-10-16 21:15:00

Last updated 4 years ago

2020-10-27 17:02:00

Affected Software

Juniper JUNOS 16.1

16.1

Juniper JunOS 16.1 R1

16.1

Juniper JunOS 16.1 R2

16.1

Juniper JunOS 16.1 R3

16.1

Juniper Junos 16.1 R3-S10

16.1

Juniper Junos OS 16.1 R3-S11

16.1

Juniper JunOS 16.1 R4

16.1

Juniper JUNOS 16.1 R4-S12

16.1

Juniper JUNOS 16.1 R4-S2

16.1

Juniper Junos 16.1 R4-S3

16.1

Juniper Junos 16.1 R4-S4

16.1

Juniper JUNOS 16.1 R4-S6

16.1

Juniper Junos 16.1 R5

16.1

Juniper Junos 16.1 R5-S4

16.1

Juniper Junos 16.1 R6-S1

16.1

Juniper Junos 16.1 R6-s6

16.1

Juniper Junos 16.1 R7

16.1

Juniper JUNOS 16.1 R7-S2

16.1

Juniper JUNOS 16.1 R7-S3

16.1

Juniper JUNOS 16.1R7-S4

16.1

Juniper JUNOS 16.1R7-S5

16.1

Juniper JUNOS 16.1 R7-S6

16.1

Juniper JUNOS 16.1 R7-S7

16.1

Juniper JUNOS 17.2

17.2

Juniper Junos 17.2 R1

17.2

Juniper JUNOS 17.2 R1-s1

17.2

Juniper JUNOS 17.2 R1-S2

17.2

Juniper JUNOS 17.2 R1-s3

17.2

Juniper JUNOS 17.2 R1-S4

17.2

Juniper JUNOS 17.2 R1-s5

17.2

Juniper Junos 17.2 R1-S7

17.2

Juniper JUNOS 17.2 R1-S8

17.2

Juniper Junos 17.2 R2

17.2

Juniper JUNOS 17.2 R2-S11

17.2

Juniper JUNOS 17.2 R2-S6

17.2

Juniper JUNOS 17.2 R2-S7

17.2

Juniper JUNOS 17.2R3-S1

17.2

Juniper JUNOS 17.2 R3-S2

17.2

Juniper JUNOS 17.2 R3-S3

17.2

Juniper JUNOS 17.3

17.3

Juniper JUNOS 17.3 R1-S1

17.3

Juniper Junos 17.3 R2

17.3

Juniper JUNOS 17.3 R2-S1

17.3

Juniper JUNOS 17.3R2-S2

17.3

Juniper Junos OS 17.3 R2-S3

17.3

Juniper JUNOS 17.3 R2-S4

17.3

Juniper JunOS 17.3 R3

17.3

Juniper JUNOS 17.3 R3-S1

17.3

Juniper JUNOS 17.3 R3-S2

17.3

Juniper JUNOS 17.3 R3-S3

17.3

Juniper JUNOS 17.3R3-S4

17.3

Juniper JUNOS 17.3 R3-S7

17.3

Juniper JUNOS 17.4

17.4

Juniper Junos 17.4 R1

17.4

Juniper JUNOS 17.4 R1-S1

17.4

Juniper JUNOS 17.4 R1-S2

17.4

Juniper JUNOS 17.4R1-S4

17.4

Juniper JunOS 17.4 R1-s5

17.4

Juniper JUNOS 17.4 R1-S6

17.4

Juniper JUNOS 17.4R1-S7

17.4

Juniper Junos 17.4 R2

17.4

Juniper JUNOS 17.4 R2-S1

17.4

Juniper JUNOS 17.4 R2-S10

17.4

Juniper Junos 17.4 R2-S2

17.4

Juniper JUNOS 17.4 R2-S3

17.4

Juniper JUNOS 17.4R2-S4

17.4

Juniper JUNOS 17.4 R2-S5

17.4

Juniper JUNOS 17.4 R2-S6

17.4

Juniper JUNOS 17.4 R2-S7

17.4

Juniper JUNOS 17.4 R2-S8

17.4

Juniper JUNOS 17.4 R2-S9

17.4

Juniper JUNOS 18.1

18.1

Juniper JUNOS 18.1R2

18.1

Juniper JUNOS R2-S1

18.1

Juniper JUNOS R2-S2

18.1

Juniper JUNOS 18.1 R2-S4

18.1

Juniper JUNOS 18.1 R3

18.1

Juniper JunOS 18.1 R3-s1

18.1

Juniper JUNOS 18.1 R3-S2

18.1

Juniper JUNOS 18.1 R3-S3

18.1

Juniper JUNOS 18.1R3-S4

18.1

Juniper JUNOS 18.1 R3-S6

18.1

Juniper JUNOS 18.1 R3-S7

18.1

Juniper JUNOS 18.1 R3-S8

18.1

Juniper JUNOS 18.1 R3-S9

18.1

Juniper JUNOS 18.2

18.2

Juniper JunOS 18.2 R1-S3

18.2

Juniper JUNOS 18.2 R1-S5

18.2

Juniper JUNOS 18.2 R2-S1

18.2

Juniper JUNOS 18.2R2-S2

18.2

Juniper JUNOS 18.2R2-S3

18.2

Juniper JUNOS18.2 R2-S4

18.2

Juniper JUNOS 18.2 R2-S5

18.2

Juniper JUNOS 18.2 R2-S6

18.2

Juniper JUNOS 18.2R3

18.2

Juniper JUNOS 18.2 R3-S1

18.2

Juniper JUNOS 18.2 R3-S2

18.2

Juniper JUNOS 18.2 R3-S3

18.2

Juniper JUNOS 18.3

18.3

Juniper JUNOS 18.3 R1

18.3

Juniper JUNOS 18.3 R1-S1

18.3

Juniper JUNOS 18.3 R1-S2

18.3

Juniper JUNOS 18.3R1-S3

18.3

Juniper JUNOS 18.3 R1-S5

18.3

Juniper JUNOS 18.3 R1-S6

18.3

Juniper JUNOS 18.3 R2

18.3

Juniper JUNOS 18.3 R2-S1

18.3

Juniper JUNOS 18.3 R2-S2

18.3

Juniper JUNOS 18.3 R2-S3

18.3

Juniper JUNOS 18.3 R3

18.3

Juniper JUNOS 18.3 R3-S1

18.3

Juniper JUNOS 18.4

18.4

Juniper JunOS 18.4 R1

18.4

Juniper Junos OS 18.4 R1-S1

18.4

Juniper JUNOS 18.4R1-S2

18.4

Juniper JUNOS 18.4 R1-S5

18.4

Juniper JUNOS 18.4 R1-S6

18.4

Juniper JUNOS 18.4R2

18.4

Juniper JUNOS 18.4 R2-S1

18.4

Juniper JUNOS 18.4 R2-S2

18.4

Juniper JUNOS 18.4 R2-S3

18.4

Juniper JUNOS 18.4 R3

18.4

Juniper Junos OS 19.1

19.1

Juniper Junos OS 19.1 R1

19.1

Juniper Junos OS 19.1 R1-s1

19.1

Juniper JUNOS 19.1 R1-S2

19.1

Juniper JUNOS 19.1 R1-S3

19.1

Juniper JUNOS 19.1 R1-S4

19.1

Juniper Junos OS 19.1 R2

19.1

Juniper Junos OS 19.2

19.2

Juniper Junos OS 19.2 R1

19.2

Juniper JUNOS 19.2 R1-S1

19.2

Juniper JUNOS 19.2 R1-S2

19.2

Juniper JUNOS 19.2 R1-S3

19.2

Juniper JUNOS 19.3

19.3

Juniper JUNOS 19.3 R1

19.3

Juniper JUNOS 19.3 R1-S1

19.3

Juniper JUNOS 19.3 R2

19.3

Juniper JUNOS 19.3 R2-S1

19.3

Juniper JUNOS 19.3 R2-S2

19.3

Juniper JUNOS 19.4 R1

19.4

Juniper JUNOS 19.4 R1-S1

19.4

Juniper JUNOS 20.1 R1

20.1

Juniper JUNOS Evolved 19.2 R1

19.2

Juniper JUNOS Evolved 19.3 R2

19.3

Juniper JUNOS Evolved 19.4 R1

19.4

Juniper JUNOS Evolved 19.4 R2

19.4

References

https://ieeexplore.ieee.org/document/1678345

https://kb.juniper.net/JSA11071

https://www.juniper.net/documentation/en_US/junos/topics/concept/macsec.html

https://ieeexplore.ieee.org/document/1678345

Third Party Advisory

https://kb.juniper.net/JSA11071

Vendor Advisory

https://www.juniper.net/documentation/en_US/junos/topics/concept/macsec.html

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.