Description:

Juniper has released a security update to address a vulnerability in the following product:

• Juniper Networks Junos OS
  • 16.1 versions 16.1R7-S6 and later versions prior to 16.1R7-S8;
  • 17.3 versions 17.3R2-S5, 17.3R3-S6 and later versions prior to 17.3R3-S8;
  • 17.4 versions 17.4R2-S7, 17.4R3 and later versions prior to 17.4R2-S11, 17.4R3-S2;
  • 18.1 versions 18.1R3-S7 and later versions prior to 18.1R3-S10;
  • 18.2 versions 18.2R2-S6, 18.2R3-S2 and later versions prior to 18.2R2-S7, 18.2R3-S5;
  • 18.2X75 versions 18.2X75-D12, 18.2X75-D32, 18.2X75-D33, 18.2X75-D51, 18.2X75-D60, 18.2X75-D411, 18.2X75-D420 and later versions prior to 18.2X75-D32, 18.2X75-D33, 18.2X75-D420, 18.2X75-D52, 18.2X75-D60, 18.2X75-D65, 18.2X75-D70;(*1)
  • 18.3 versions 18.3R1-S6, 18.3R2-S3, 18.3R3 and later versions prior to 18.3R2-S4, 18.3R3-S2;
  • 18.4 versions 18.4R1-S5, 18.4R2-S4, 18.4R3 and later versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S3;
  • 19.1 versions 19.1R1-S3, 19.1R2 and later versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3-S2;
  • 19.2 versions 19.2R1-S2, 19.2R2 and later versions prior to 19.2R1-S5, 19.2R2, 19.2R3;
  • 19.3 versions prior to 19.3R2-S3, 19.3R3;
  • 19.4 versions prior to 19.4R1-S2, 19.4R2, 19.4R3;
  • 20.1 versions prior to 20.1R1-S1, 20.1R2.

Threats:

Allows an unauthenticated attacker to perform denial of service attack (DoS).

Best practice and Recommendations:

The CERT team encourages users to review Juniper security advisory and apply the necessary updates:

• https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11024&cat=SIRT_1&actp=LIST