Vulnerabilities in multiple Juniper products

Last updated: 2020/07/17

Source

CISA Current Activity
Juniper Networks Releases Security Updates for Multiple Products
https://us-cert.cisa.gov/ncas/current-activity/2020/07/09/juniper-networks-releases-security-updates-multiple-products

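Overview

Multiple Juniper products contain vulnerabilities. As a result, a remote third party may be able to execute arbitrary code or carry out a denial-of-service (DoS) attack, among other impacts.
The affected products are as follows.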
– Junos OS
– Junos OS Evolved
– Junos Space
– Junos Space Security Director
– Session and Resource Control (SRC) software
– Juniper Secure Analytics (JSA)
This issue is resolved by updating the affected products to the fixed versions provided by Juniper. For details, refer to the information provided by Juniper.

Related documents (English)

Juniper Networks
2020-07 Security Bulletin: Junos Space and Junos Space Security Director: Multiple vulnerabilities resolved in 20.1R1 release
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11023

Juniper Networks

2020-07 Security Bulletin: Junos OS: Receipt of certain genuine BGP packets from any BGP Speaker causes RPD to crash. (CVE-2020-1640)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11024

Juniper Networks

2020-07 Security Bulletin: Junos OS and Junos OS Evolved: OpenSSL Security Advisory [20 Dec 2019]
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11025

Juniper Networks

2020-07 Security Bulletin: Junos OS: NFX150: Multiple vulnerabilities in BIOS firmware (INTEL-SA-00241)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11026

Juniper Networks

2020-07 Security Bulletin: Junos OS: A race condition on receipt of crafted LLDP packets leads to a memory leak and an LLDP crash. (CVE-2020-1641)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11027

Juniper Networks

2020-07 Security Bulletin: Junos OS: MX Series: Services card might restart when DNS filtering is enabled (CVE-2020-1645)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11028

Juniper Networks

2020-07 Security Bulletin: Junos OS: RPD crash when executing specific “show ospf interface” commands from the CLI with OSPF authentication configured (CVE-2020-1643)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11030

Juniper Networks

2020-07 Security Bulletin: Junos OS: SRX Series: processing a malformed HTTP message when ICAP redirect service is enabled may can lead to flowd process crash or remote code execution (CVE-2020-1654)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11031

Juniper Networks

2020-07 Security Bulletin: Junos OS and Junos OS Evolved: RPD crash due to specific BGP UPDATE packets (CVE-2020-1644)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11032

Juniper Networks

2020-07 Security Bulletin: Junos OS and Junos OS Evolved: RPD crash while processing a specific BGP update information. (CVE-2020-1646)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11033

Juniper Networks

2020-07 Security Bulletin: Junos OS: SRX Series: Double free vulnerability can lead to DoS or remote code execution due to the processing of a specific HTTP message when ICAP redirect service is enabled (CVE-2020-1647)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034

Juniper Networks

2020-07 Security Bulletin: Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet (CVE-2020-1648)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11035

Juniper Networks

2020-07 Security Bulletin:Junos OS: MX Series: PFE crash on MPC7/8/9 upon receipt of small fragments requiring reassembly (CVE-2020-1649)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11036

Juniper Networks

2020-07 Security Bulletin: Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC (CVE-2020-1650)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11037

Juniper Networks

2020-07 Security Bulletin: Junos OS: MX Series: PFE on the line card may crash due to memory leak. (CVE-2020-1651)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11038

Juniper Networks

2020-07 Security Bulletin: SRC Series: Multiple vulnerabilities in Bouncy Castle
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11039

Juniper Networks

2020-07 Security Bulletin: Junos OS: Kernel crash (vmcore) or FPC crash due to mbuf leak (CVE-2020-1653)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11040

Juniper Networks

2020-07 Security Bulletin: Junos OS: MX Series: PFE crash on MPC7/8/9 upon receipt of large packets requiring fragmentation (CVE-2020-1655)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11041

Juniper Networks

2020-07 Security Bulletin: Juniper Secure Analytics (JSA): Multiple vulnerabilities resolved in JSA 7.3.2 patch 7, 7.3.3 patch 3, and 7.4.0 releases
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11042

 


Quoted from: JPCERT Coordination Center
"JPCERT/CC WEEKLY REPORT 2020-07-15"
https://www.jpcert.or.jp/wr/2020/wr202701.html