Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-526
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Juniper Networks | N/A | Juniper Networks SBR Carrier versions 8.4.1 antérieures à 8.4.1R19 | ||
Juniper Networks | Networks Junos OS | Juniper Networks Junos OS versions antérieures à 12.3R12-S19, 15.1R7-S10, 16.1R7-S7, 17.2R3-S3, 17.3R3-S12, 17.4R2-S13, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S9, 18.4R3-S9, 19.1R2-S1, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R2, 19.4R2-S4, 19.4R3-S5, 20.1R1, 20.1R2-S2, 20.1R3-S1, 20.2R2-S3, 20.2R3-S2, 20.3R2-S1, 20.3R3, 20.4R1-S1, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, | ||
Juniper Networks | N/A | Juniper Networks Contrail Cloud versions antérieures à 13.6.0 | ||
Juniper Networks | N/A | Juniper Networks SBR Carrier versions 8.6.0 antérieures à 8.6.0R4 | ||
Juniper Networks | Networks Junos OS Evolved | Juniper Networks Junos OS Evolved versions antérieures à 20.3R2-EVO, 20.4R2-EVO, 20.4R2-S2-EVO, 21.1R1-EVO, 21.1R2-EVO, 21.2R1-EVO | ||
Juniper Networks | N/A | Juniper Networks SBR Carrier versions 8.5.0 antérieures à 8.5.0R10 |
References
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Juniper Networks SBR Carrier versions 8.4.1 ant\u00e9rieures \u00e0 8.4.1R19", "product": { "name": "N/A", "vendor": { "name": "Juniper Networks", "scada": false } } }, { "description": "Juniper Networks Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S19, 15.1R7-S10, 16.1R7-S7, 17.2R3-S3, 17.3R3-S12, 17.4R2-S13, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S9, 18.4R3-S9, 19.1R2-S1, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R2, 19.4R2-S4, 19.4R3-S5, 20.1R1, 20.1R2-S2, 20.1R3-S1, 20.2R2-S3, 20.2R3-S2, 20.3R2-S1, 20.3R3, 20.4R1-S1, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1,", "product": { "name": "Networks Junos OS", "vendor": { "name": "Juniper Networks", "scada": false } } }, { "description": "Juniper Networks Contrail Cloud versions ant\u00e9rieures \u00e0 13.6.0", "product": { "name": "N/A", "vendor": { "name": "Juniper Networks", "scada": false } } }, { "description": "Juniper Networks SBR Carrier versions 8.6.0 ant\u00e9rieures \u00e0 8.6.0R4", "product": { "name": "N/A", "vendor": { "name": "Juniper Networks", "scada": false } } }, { "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.3R2-EVO, 20.4R2-EVO, 20.4R2-S2-EVO, 21.1R1-EVO, 21.1R2-EVO, 21.2R1-EVO", "product": { "name": "Networks Junos OS Evolved", "vendor": { "name": "Juniper Networks", "scada": false } } }, { "description": "Juniper Networks SBR Carrier versions 8.5.0 ant\u00e9rieures \u00e0 8.5.0R10", "product": { "name": "N/A", "vendor": { "name": "Juniper Networks", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2021-0285", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0285" }, { "name": "CVE-2021-0279", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0279" }, { "name": "CVE-2021-0287", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0287" }, { "name": "CVE-2021-0278", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0278" }, { "name": "CVE-2021-0280", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0280" }, { "name": "CVE-2021-0282", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0282" }, { "name": "CVE-2017-1087", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1087" }, { "name": "CVE-2018-6925", "url": "https://www.cve.org/CVERecord?id=CVE-2018-6925" }, { "name": "CVE-2019-8936", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8936" }, { "name": "CVE-2021-0276", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0276" }, { "name": "CVE-2021-0286", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0286" }, { "name": "CVE-2021-0289", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0289" }, { "name": "CVE-2021-0277", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0277" }, { "name": "CVE-2021-0290", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0290" }, { "name": "CVE-2021-0281", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0281" }, { "name": "CVE-2021-0288", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0288" } ], "initial_release_date": "2021-07-15T00:00:00", "last_revision_date": "2021-07-15T00:00:00", "links": [ { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11191 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11191\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11183 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11183\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11192 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11192\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11181 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11181\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11178 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11178\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11180 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11180\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11187 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11187\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11188 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11188\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11179 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11179\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11185 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11185\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11184 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11184\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11190 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11190\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11189 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11189\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11177 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11177\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11186 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11186\u0026cat=SIRT_1\u0026actp=LIST" }, { "title": "Bulletin de s\u00e9curit\u00e9 JuniperJSA11182 du 14 juillet 2021", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11182\u0026cat=SIRT_1\u0026actp=LIST" } ], "reference": "CERTFR-2021-AVI-526", "revisions": [ { "description": "Version initiale", "revision_date": "2021-07-15T00:00:00.000000" } ], "risks": [ { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "D\u00e9ni de service" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes les produits Juniper.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s les produits Juniper", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11183 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11187 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11189 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11188 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11192 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11191 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11177 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11186 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11179 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11182 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11180 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11181 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11178 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11185 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11190 du 14 juillet 2021", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11184 du 14 juillet 2021", "url": null } ] }
CVE-2021-0286 (GCVE-0-2021-0286)
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-16 17:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Summary
A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Following messages will be logged prior to the crash: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm="EvoAftManBt-mai" exe="/usr/sbin/evo-aftmand-bt" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm="EvoAftManBt-mai" exe="/usr/sbin/evo-aftmand-bt" sig=1 This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS Evolved |
Version: unspecified < 20.4R2-EVO Version: 21.1 < 21.1R2-EVO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11188" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "lessThan": "20.4R2-EVO", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "21.1R2-EVO", "status": "affected", "version": "21.1", "versionType": "custom" } ] } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Following messages will be logged prior to the crash: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1 This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-703", "description": "CWE-703 Improper Check or Handling of Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:59", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11188" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11188", "defect": [ "1572969" ], "discovery": "USER" }, "title": "Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0286", "STATE": "PUBLIC", "TITLE": "Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "20.4R2-EVO" }, { "version_affected": "\u003c", "version_name": "21.1", "version_value": "21.1R2-EVO" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Following messages will be logged prior to the crash: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1 This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-703 Improper Check or Handling of Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11188", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11188" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11188", "defect": [ "1572969" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0286", "datePublished": "2021-07-15T20:01:00.067332Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T17:57:56.012Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0281 (GCVE-0-2021-0281)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 18:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 17.3 < 17.3R3-S12 Version: 17.4 < 17.4R3-S5 Version: 18.1 < 18.1R3-S13 Version: 18.2 < 18.2R3-S8 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S8, 18.4R3-S8 Version: 19.1 < 19.1R3-S5 Version: 19.2 < 19.2R3-S2 Version: 19.3 < 19.3R2-S6, 19.3R3-S2 Version: 19.4 < 19.4R2-S4, 19.4R3-S3 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R3 Version: 20.3 < 20.3R2 Version: 20.4 < 20.4R2 |
|||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.587Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11185" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "17.3R3-S12", "status": "affected", "version": "17.3", "versionType": "custom" }, { "lessThan": "17.4R3-S5", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.1R3-S13", "status": "affected", "version": "18.1", "versionType": "custom" }, { "lessThan": "18.2R3-S8", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S5", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S8, 18.4R3-S8", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R3-S2", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R2-S6, 19.3R3-S2", "status": "affected", "version": "19.3", "versionType": "custom" }, { "lessThan": "19.4R2-S4, 19.4R3-S3", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R3", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2", "status": "affected", "version": "20.4", "versionType": "custom" } ] }, { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "lessThan": "20.4R2-S2-EVO", "status": "affected", "version": "All", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "The config stanza affected by this issue:\n [ routing-options validation group \u003cgroup-name\u003e session \u003cIP address\u003e ]" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:53", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11185" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R2-S4, 19.4R3-S3, 20.1R3, 20.2R3, 20.3R2, 20.4R2, 21.1R1 and all subsequent releases.\n\nJunos OS Evolved: 20.4R2-S2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11185", "defect": [ "1556207" ], "discovery": "USER" }, "title": "Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Validation is configured with RPKI", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0281", "STATE": "PUBLIC", "TITLE": "Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Validation is configured with RPKI" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S12" }, { "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R3-S5" }, { "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S13" }, { "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S8" }, { "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S8, 18.4R3-S8" }, { "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S5" }, { "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R3-S2" }, { "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S2" }, { "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R2-S4, 19.4R3-S3" }, { "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R3" }, { "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R3" }, { "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2" }, { "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2" } ] } }, { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "All", "version_value": "20.4R2-S2-EVO" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "The config stanza affected by this issue:\n [ routing-options validation group \u003cgroup-name\u003e session \u003cIP address\u003e ]" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11185", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11185" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R2-S4, 19.4R3-S3, 20.1R3, 20.2R3, 20.3R2, 20.4R2, 21.1R1 and all subsequent releases.\n\nJunos OS Evolved: 20.4R2-S2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11185", "defect": [ "1556207" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0281", "datePublished": "2021-07-15T20:00:53.845894Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T18:08:46.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0278 (GCVE-0-2021-0278)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-17 03:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
- Privilege Escalation
Summary
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS |
Patch: unspecified < 19.3R1 Version: 19.3R1 < 19.3* Version: 19.4 < 19.4R3-S5 Version: 20.1 < 20.1R2-S2, 20.1R3-S1 Version: 20.2 < 20.2R3-S2 Version: 20.3 < 20.3R3 Version: 20.4 < 20.4R2-S1, 20.4R3 Version: 21.1 < 21.1R1-S1, 21.1R2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11182" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "19.3R1", "status": "unaffected", "version": "unspecified", "versionType": "custom" }, { "changes": [ { "at": "19.3R2-S6, 19.3R3-S3", "status": "unaffected" } ], "lessThan": "19.3*", "status": "affected", "version": "19.3R1", "versionType": "custom" }, { "lessThan": "19.4R3-S5", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R2-S2, 20.1R3-S1", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R3-S2", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R3", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2-S1, 20.4R3", "status": "affected", "version": "20.4", "versionType": "custom" }, { "lessThan": "21.1R1-S1, 21.1R2", "status": "affected", "version": "21.1", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "The following minimal configuration is necessary: \n\n [system services web-management http]\nor\n [system services web-management https]" } ], "credits": [ { "lang": "en", "value": "The Juniper SIRT wishes to thank Luca Ercoli regarding PR 1511853" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. However, a proof-of-concept exploit does exist in the wild." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "description": "Privilege Escalation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:48", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11182" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nIn addition to the above fixed releases, for the following not-affected releases additional security enhancements were included in Junos OS 18.3R3-S5, 18.4R3-S9, 19.1R3-S6 as a result of resolving this issue." } ], "source": { "advisory": "JSA11182", "defect": [ "1592021", "1511853" ], "discovery": "USER" }, "title": "Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue other than disabling J-Web. \n\nTo reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0278", "STATE": "PUBLIC", "TITLE": "Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root." }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003e=", "version_name": "19.3", "version_value": "19.3R1" }, { "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S3" }, { "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R3-S5" }, { "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R2-S2, 20.1R3-S1" }, { "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R3-S2" }, { "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R3" }, { "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2-S1, 20.4R3" }, { "version_affected": "\u003c", "version_name": "21.1", "version_value": "21.1R1-S1, 21.1R2" }, { "version_affected": "!\u003c", "version_value": "19.3R1" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "The following minimal configuration is necessary: \n\n [system services web-management http]\nor\n [system services web-management https]" } ], "credit": [ { "lang": "eng", "value": "The Juniper SIRT wishes to thank Luca Ercoli regarding PR 1511853" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. However, a proof-of-concept exploit does exist in the wild." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] }, { "description": [ { "lang": "eng", "value": "Privilege Escalation" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11182", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11182" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nIn addition to the above fixed releases, for the following not-affected releases additional security enhancements were included in Junos OS 18.3R3-S5, 18.4R3-S9, 19.1R3-S6 as a result of resolving this issue." } ], "source": { "advisory": "JSA11182", "defect": [ "1592021", "1511853" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue other than disabling J-Web. \n\nTo reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0278", "datePublished": "2021-07-15T20:00:49.075880Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-17T03:37:49.506Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0277 (GCVE-0-2021-0277)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 18:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 12.3 < 12.3R12-S18 Version: 15.1 < 15.1R7-S9 Version: 17.3 < 17.3R3-S12 Version: 17.4 < 17.4R2-S13, 17.4R3-S5 Version: 18.1 < 18.1R3-S13 Version: 18.2 < 18.2R3-S8 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S8, 18.4R3-S8 Version: 19.1 < 19.1R3-S5 Version: 19.2 < 19.2R3-S3 Version: 19.3 < 19.3R2-S6, 19.3R3-S2 Version: 19.4 < 19.4R1-S4, 19.4R2-S4, 19.4R3-S3 Version: 20.1 < 20.1R2-S2, 20.1R3 Version: 20.2 < 20.2R3-S1 Version: 20.3 < 20.3R2-S1, 20.3R3 Version: 20.4 < 20.4R2 |
|||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11181" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "12.3R12-S18", "status": "affected", "version": "12.3", "versionType": "custom" }, { "lessThan": "15.1R7-S9", "status": "affected", "version": "15.1", "versionType": "custom" }, { "lessThan": "17.3R3-S12", "status": "affected", "version": "17.3", "versionType": "custom" }, { "lessThan": "17.4R2-S13, 17.4R3-S5", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.1R3-S13", "status": "affected", "version": "18.1", "versionType": "custom" }, { "lessThan": "18.2R3-S8", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S5", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S8, 18.4R3-S8", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R3-S3", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R2-S6, 19.3R3-S2", "status": "affected", "version": "19.3", "versionType": "custom" }, { "lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R2-S2, 20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R3-S1", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2-S1, 20.3R3", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2", "status": "affected", "version": "20.4", "versionType": "custom" } ] }, { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "lessThan": "20.4R2-EVO", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "This vulnerability is only exploitable on interfaces with LLDP enabled. For example:\n\n [protocols lldp]" } ], "credits": [ { "lang": "en", "value": "The Juniper SIRT would like to acknowledge and thank Qian Chen from the Codesafe Team of Legendsec at the Qi\u0027anxin Group." } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:47", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11181" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS 12.3R12-S18, 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2, 20.4R3, 21.1R1, 21.1R2, 21.2R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11181", "defect": [ "1569312" ], "discovery": "EXTERNAL" }, "title": "Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd", "workarounds": [ { "lang": "en", "value": "1. Configure the device to not load the L2CPD daemon using the following CLI config stanza.\n\n set system processes l2cpd-service disable\n\nAdditional protocols L2CPD daemon supports include RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols. After issuing set system processes l2cpd-service disable, RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols will cease to operate. Please note, this is not an exhaustive list, disabling L2CPD may affect other protocols and services that rely upon L2CPD daemon to be present. For example, L2ALD, MRVP, EVPN traffic, etc. may also cease to operate. To avoid downtime, customers considering applying this workaround should carefully test all workaround changes to their environment in a non-production environment first that mirrors or as closely as possible matches the production environment before applying to the production environment.\n\n2. Configure target interfaces on the device to disable LLDP packet processing:\n \n set protocols lldp interface \u003cinterface name\u003e disable\n\n3. On Switching platforms such as EX/QFX Series devices implement packet filters to discard LLDP packets with an EtherType of 0x88cc.\n\nFor example:\n\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 from ether-type 0x88cc\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 then discard\n \nWorkaround #3 does not work on MX Series devices. MX Series devices should disable LLDP processing, filter off-system, or upgrade to a fixed release.\n \n4. Lastly, as a method to reduce the risk of exploitation for this vulnerability, customers may implement off-system IDP and/or Firewall filtering methods such as disallowing LLDP EtherType to propagate completely on local segments, or by filtering broadcast addressed LLDP packets or unicast addressed LLDP packets not originated from trusted sources targeted to trusted destinations.\n\nAdditionally, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device via all means to only trusted, administrative networks, hosts and users." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0277", "STATE": "PUBLIC", "TITLE": "Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "12.3", "version_value": "12.3R12-S18" }, { "version_affected": "\u003c", "version_name": "15.1", "version_value": "15.1R7-S9" }, { "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S12" }, { "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R2-S13, 17.4R3-S5" }, { "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S13" }, { "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S8" }, { "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S8, 18.4R3-S8" }, { "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S5" }, { "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R3-S3" }, { "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S2" }, { "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3" }, { "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R2-S2, 20.1R3" }, { "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R3-S1" }, { "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2-S1, 20.3R3" }, { "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2" } ] } }, { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "20.4R2-EVO" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "This vulnerability is only exploitable on interfaces with LLDP enabled. For example:\n\n [protocols lldp]" } ], "credit": [ { "lang": "eng", "value": "The Juniper SIRT would like to acknowledge and thank Qian Chen from the Codesafe Team of Legendsec at the Qi\u0027anxin Group." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-125 Out-of-bounds Read" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11181", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11181" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS 12.3R12-S18, 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2, 20.4R3, 21.1R1, 21.1R2, 21.2R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11181", "defect": [ "1569312" ], "discovery": "EXTERNAL" }, "work_around": [ { "lang": "en", "value": "1. Configure the device to not load the L2CPD daemon using the following CLI config stanza.\n\n set system processes l2cpd-service disable\n\nAdditional protocols L2CPD daemon supports include RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols. After issuing set system processes l2cpd-service disable, RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols will cease to operate. Please note, this is not an exhaustive list, disabling L2CPD may affect other protocols and services that rely upon L2CPD daemon to be present. For example, L2ALD, MRVP, EVPN traffic, etc. may also cease to operate. To avoid downtime, customers considering applying this workaround should carefully test all workaround changes to their environment in a non-production environment first that mirrors or as closely as possible matches the production environment before applying to the production environment.\n\n2. Configure target interfaces on the device to disable LLDP packet processing:\n \n set protocols lldp interface \u003cinterface name\u003e disable\n\n3. On Switching platforms such as EX/QFX Series devices implement packet filters to discard LLDP packets with an EtherType of 0x88cc.\n\nFor example:\n\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 from ether-type 0x88cc\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 then discard\n \nWorkaround #3 does not work on MX Series devices. MX Series devices should disable LLDP processing, filter off-system, or upgrade to a fixed release.\n \n4. Lastly, as a method to reduce the risk of exploitation for this vulnerability, customers may implement off-system IDP and/or Firewall filtering methods such as disallowing LLDP EtherType to propagate completely on local segments, or by filtering broadcast addressed LLDP packets or unicast addressed LLDP packets not originated from trusted sources targeted to trusted destinations.\n\nAdditionally, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device via all means to only trusted, administrative networks, hosts and users." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0277", "datePublished": "2021-07-15T20:00:47.440624Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T18:29:22.544Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-1087 (GCVE-0-2017-1087)
Vulnerability from cvelistv5
Published
2017-11-16 20:00
Modified
2024-09-16 23:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation
Summary
In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation.
References
URL | Tags | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T13:25:17.417Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "101867", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/101867" }, { "name": "1039810", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039810" }, { "name": "FreeBSD-SA-17:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeBSD", "vendor": "FreeBSD", "versions": [ { "status": "affected", "version": "FreeBSD 10.x" } ] } ], "datePublic": "2017-11-15T00:00:00", "descriptions": [ { "lang": "en", "value": "In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation." } ], "problemTypes": [ { "descriptions": [ { "description": "Privilege escalation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-17T10:57:01", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd" }, "references": [ { "name": "101867", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/101867" }, { "name": "1039810", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039810" }, { "name": "FreeBSD-SA-17:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secteam@freebsd.org", "DATE_PUBLIC": "2017-11-15T00:00:00", "ID": "CVE-2017-1087", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeBSD", "version": { "version_data": [ { "version_value": "FreeBSD 10.x" } ] } } ] }, "vendor_name": "FreeBSD" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user that has access to a jailed system is able to abuse shared memory by injecting malicious content in the shared memory region. This memory region might be executed by applications trusting the shared memory, like Squid. This issue could lead to a Denial of Service or local privilege escalation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Privilege escalation" } ] } ] }, "references": { "reference_data": [ { "name": "101867", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101867" }, { "name": "1039810", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039810" }, { "name": "FreeBSD-SA-17:09", "refsource": "FREEBSD", "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2017-1087", "datePublished": "2017-11-16T20:00:00Z", "dateReserved": "2016-11-30T00:00:00", "dateUpdated": "2024-09-16T23:11:12.656Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0289 (GCVE-0-2021-0289)
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-17 03:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces <> extensive" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Juniper Networks | Junos OS |
Patch: unspecified < 5.6R1 Version: 5.6R1 < 5.6* Version: 15.1 < 15.1R7-S10 Version: 16.1R1 < 16.1* Version: 16.2R1 < 16.2* Version: 17.1R1 < 17.1* Version: 17.2R1 < 17.2* Version: 17.3R1 < 17.3* Version: 17.4R1 < 17.4* Version: 18.1R1 < 18.1* Version: 18.2R1 < 18.2* Version: 18.3R1 < 18.3* Version: 18.4 < 18.4R2-S9, 18.4R3-S9 Version: 19.4 < 19.4R3-S3 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R3-S2 Version: 20.3R1 < 20.3* Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R2 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.679Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11191" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "5.6R1", "status": "unaffected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "5.6*", "status": "affected", "version": "5.6R1", "versionType": "custom" }, { "changes": [ { "at": "15.1F1", "status": "affected" } ], "lessThan": "15.1R7-S10", "status": "affected", "version": "15.1", "versionType": "custom" }, { "lessThan": "16.1*", "status": "affected", "version": "16.1R1", "versionType": "custom" }, { "lessThan": "16.2*", "status": "affected", "version": "16.2R1", "versionType": "custom" }, { "lessThan": "17.1*", "status": "affected", "version": "17.1R1", "versionType": "custom" }, { "lessThan": "17.2*", "status": "affected", "version": "17.2R1", "versionType": "custom" }, { "lessThan": "17.3*", "status": "affected", "version": "17.3R1", "versionType": "custom" }, { "lessThan": "17.4*", "status": "affected", "version": "17.4R1", "versionType": "custom" }, { "lessThan": "18.1*", "status": "affected", "version": "18.1R1", "versionType": "custom" }, { "lessThan": "18.2*", "status": "affected", "version": "18.2R1", "versionType": "custom" }, { "lessThan": "18.3*", "status": "affected", "version": "18.3R1", "versionType": "custom" }, { "lessThan": "18.4R2-S9, 18.4R3-S9", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.4R3-S3", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R3-S2", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3*", "status": "affected", "version": "20.3R1", "versionType": "custom" }, { "lessThan": "20.4R3", "status": "affected", "version": "20.4", "versionType": "custom" }, { "lessThan": "21.1R2", "status": "affected", "version": "21.1", "versionType": "custom" } ] }, { "platforms": [ "SRX Series" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "changes": [ { "at": "18.4R1", "status": "affected" } ], "lessThan": "18.4R2-S9, 18.4R3-S9", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.4R3-S3", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R3-S2", "status": "unaffected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3*", "status": "affected", "version": "20.3R1", "versionType": "custom" }, { "lessThan": "20.4R3", "status": "affected", "version": "20.4", "versionType": "custom" }, { "lessThan": "21.1R2", "status": "affected", "version": "21.1", "versionType": "custom" } ] }, { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "status": "unaffected", "version": "Any" } ] } ], "configurations": [ { "lang": "en", "value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit \u003c*\u003e family inet policer arp jtac-arp \u003c\u003c\u003c this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n\u201cshow interfaces extensive | match policer\u201d\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user arp policer was applied on ae interface" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces \u003c\u003e extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-367", "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:01:05", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11191" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: For all platforms, except SRX Series, using Junos OS 15.1R7-S10, 18.4R2-S9, 18.4R3-S9, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases. On SRX series using Junos OS 18.4R2-S9, 18.4R3-S9, 19.4R3-S4. 20.1R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases." } ], "source": { "advisory": "JSA11191", "defect": [ "1528403" ], "discovery": "USER" }, "title": "Junos OS: User-defined ARP Policer isn\u0027t applied on Aggregated Ethernet (AE) interface until firewall process is restarted", "workarounds": [ { "lang": "en", "value": "There is no workaround for this issue. \n\nIf affected by this issue, to recover from its impact, restart the firewall process to update the ARP Policer on the AE interface unit(s). \nFrom the CLI issue: \n\n cli\u003e restart firewall \n\nNote: no side effects on firewall restart shall be seen when issuing this command." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0289", "STATE": "PUBLIC", "TITLE": "Junos OS: User-defined ARP Policer isn\u0027t applied on Aggregated Ethernet (AE) interface until firewall process is restarted" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003e=", "version_name": "5.6", "version_value": "5.6R1" }, { "version_affected": "\u003c", "version_name": "15.1", "version_value": "15.1R7-S10" }, { "version_affected": "\u003e=", "version_name": "15.1", "version_value": "15.1F1" }, { "version_affected": "\u003e=", "version_name": "16.1", "version_value": "16.1R1" }, { "version_affected": "\u003e=", "version_name": "16.2", "version_value": "16.2R1" }, { "version_affected": "\u003e=", "version_name": "17.1", "version_value": "17.1R1" }, { "version_affected": "\u003e=", "version_name": "17.2", "version_value": "17.2R1" }, { "version_affected": "\u003e=", "version_name": "17.3", "version_value": "17.3R1" }, { "version_affected": "\u003e=", "version_name": "17.4", "version_value": "17.4R1" }, { "version_affected": "\u003e=", "version_name": "18.1", "version_value": "18.1R1" }, { "version_affected": "\u003e=", "version_name": "18.2", "version_value": "18.2R1" }, { "version_affected": "\u003e=", "version_name": "18.3", "version_value": "18.3R1" }, { "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S9, 18.4R3-S9" }, { "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R3-S3" }, { "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R3" }, { "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R3-S2" }, { "version_affected": "\u003e=", "version_name": "20.3", "version_value": "20.3R1" }, { "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R3" }, { "version_affected": "\u003c", "version_name": "21.1", "version_value": "21.1R2" }, { "version_affected": "!\u003c", "version_value": "5.6R1" } ] } }, { "product_name": "Junos OS", "version": { "version_data": [ { "platform": "SRX Series", "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S9, 18.4R3-S9" }, { "platform": "SRX Series", "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R3-S3" }, { "platform": "SRX Series", "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R3" }, { "platform": "SRX Series", "version_affected": "!\u003c", "version_name": "20.2", "version_value": "20.2R3-S2" }, { "platform": "SRX Series", "version_affected": "\u003e=", "version_name": "20.3", "version_value": "20.3R1" }, { "platform": "SRX Series", "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R3" }, { "platform": "SRX Series", "version_affected": "\u003c", "version_name": "21.1", "version_value": "21.1R2" }, { "platform": "SRX Series", "version_affected": "!\u003c", "version_name": "18.4", "version_value": "18.4R1" } ] } }, { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "!", "version_name": "Any", "version_value": "Any" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit \u003c*\u003e family inet policer arp jtac-arp \u003c\u003c\u003c this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n\u201cshow interfaces extensive | match policer\u201d\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user arp policer was applied on ae interface" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces \u003c\u003e extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11191", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11191" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: For all platforms, except SRX Series, using Junos OS 15.1R7-S10, 18.4R2-S9, 18.4R3-S9, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases. On SRX series using Junos OS 18.4R2-S9, 18.4R3-S9, 19.4R3-S4. 20.1R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases." } ], "source": { "advisory": "JSA11191", "defect": [ "1528403" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There is no workaround for this issue. \n\nIf affected by this issue, to recover from its impact, restart the firewall process to update the ARP Policer on the AE interface unit(s). \nFrom the CLI issue: \n\n cli\u003e restart firewall \n\nNote: no side effects on firewall restart shall be seen when issuing this command." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0289", "datePublished": "2021-07-15T20:01:05.615580Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-17T03:48:59.800Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0279 (GCVE-0-2021-0279)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-17 01:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information. This issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Contrail Cloud |
Version: unspecified < 13.6.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.506Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11183" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Contrail Cloud", "vendor": "Juniper Networks", "versions": [ { "lessThan": "13.6.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information. This issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:50", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11183" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Juniper Networks Contrail Cloud version 13.6.0, and all subsequent releases.\n\nWhen installing Contrail Cloud version 13.6.0, to set a non-default password for RabbitMQ, one of these options are possible:\na) You may set a non-default password using the config/vault-data.yml file.\nb) Or following configuration should be added to the CC site.yml file:\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n\nContact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary." } ], "source": { "advisory": "JSA11183", "defect": [ "CC-773" ], "discovery": "USER" }, "title": "Contrail Cloud: Hardcoded credentials for RabbitMQ service", "workarounds": [ { "lang": "en", "value": "To mitigate this issue with a fresh installation of Contrail Cloud version prior to 13.6.0, the following configuration options should be added to the CC site.yml file.\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n\nPlease contact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary.\n\nUntil a fresh installation or upgrade is possible, to reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0279", "STATE": "PUBLIC", "TITLE": "Contrail Cloud: Hardcoded credentials for RabbitMQ service" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Contrail Cloud", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "13.6.0" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information. This issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-798 Use of Hard-coded Credentials" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11183", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11183" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Juniper Networks Contrail Cloud version 13.6.0, and all subsequent releases.\n\nWhen installing Contrail Cloud version 13.6.0, to set a non-default password for RabbitMQ, one of these options are possible:\na) You may set a non-default password using the config/vault-data.yml file.\nb) Or following configuration should be added to the CC site.yml file:\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n\nContact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary." } ], "source": { "advisory": "JSA11183", "defect": [ "CC-773" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "To mitigate this issue with a fresh installation of Contrail Cloud version prior to 13.6.0, the following configuration options should be added to the CC site.yml file.\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027password\u0027] }}\"\n RABBITMQ_USER: \"{{ vault[\u0027other\u0027][\u0027credentials\u0027][\u0027contrail_rabbit\u0027][\u0027user\u0027] }}\"\n\nPlease contact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary.\n\nUntil a fresh installation or upgrade is possible, to reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0279", "datePublished": "2021-07-15T20:00:50.653467Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-17T01:06:11.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0290 (GCVE-0-2021-0290)
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-16 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-755 - Improper Handling of Exceptional Conditions
Summary
Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects the following platforms and line cards: * MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020 * MX204, MX10003, MX10008, MX10016 * EX9200, EX9251 * SRX4600 No other products or platforms are affected by this vulnerability. An indication of this issue occurring can be seen in the system log messages, as shown below: user@host> show log messages | match "Failed to complete DFE tuning" fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3) and interface will be in a permanently down state: user@host> show interfaces et-4/1/6 terse Interface Admin Link Proto Local Remote et-4/1/6 up down et-4/1/6.0 up down aenet --> ae101.0 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Juniper Networks | Junos OS |
Patch: unspecified < 16.1R1 |
|||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.583Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11192" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "16.1R1", "status": "unaffected", "version": "unspecified", "versionType": "custom" } ] }, { "platforms": [ "MX Series" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "16.1R7-S7", "status": "affected", "version": "16.1", "versionType": "custom" }, { "lessThan": "17.1*", "status": "affected", "version": "17.1R1", "versionType": "custom" }, { "lessThan": "17.2R3-S3", "status": "affected", "version": "17.2", "versionType": "custom" }, { "lessThan": "17.3R3-S8", "status": "affected", "version": "17.3", "versionType": "custom" } ] }, { "platforms": [ "MX Series, SRX4600" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "17.4R2-S11, 17.4R3-S1", "status": "affected", "version": "17.4", "versionType": "custom" } ] }, { "platforms": [ "MX Series, EX9200 Series, SRX4600" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "18.1R3-S10", "status": "affected", "version": "18.1", "versionType": "custom" }, { "lessThan": "18.2R3-S3", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S1", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S3, 18.4R3", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R2-S1, 19.1R3", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R1-S3, 19.2R2", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R2", "status": "affected", "version": "19.3", "versionType": "custom" } ] } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects the following platforms and line cards: * MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020 * MX204, MX10003, MX10008, MX10016 * EX9200, EX9251 * SRX4600 No other products or platforms are affected by this vulnerability. An indication of this issue occurring can be seen in the system log messages, as shown below: user@host\u003e show log messages | match \"Failed to complete DFE tuning\" fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3) and interface will be in a permanently down state: user@host\u003e show interfaces et-4/1/6 terse Interface Admin Link Proto Local Remote et-4/1/6 up down et-4/1/6.0 up down aenet --\u003e ae101.0 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:01:07", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11192" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 16.1R7-S7, 17.2R3-S3, 17.3R3-S8, 17.4R2-S11, 17.4R3-S1, 17.4R3-S5, 18.1R3-S10, 18.2R3-S3, 18.2R3-S8, 18.3R3-S1, 18.4R2-S3, 18.4R3, 19.1R2-S1, 19.1R3, 19.2R1-S3, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases." } ], "source": { "advisory": "JSA11192", "defect": [ "1463015" ], "discovery": "USER" }, "title": "Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0290", "STATE": "PUBLIC", "TITLE": "Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "!\u003c", "version_value": "16.1R1" }, { "platform": "MX Series", "version_affected": "\u003c", "version_name": "16.1", "version_value": "16.1R7-S7" }, { "platform": "MX Series", "version_affected": "\u003e=", "version_name": "17.1", "version_value": "17.1R1" }, { "platform": "MX Series", "version_affected": "\u003c", "version_name": "17.2", "version_value": "17.2R3-S3" }, { "platform": "MX Series", "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S8" }, { "platform": "MX Series, SRX4600", "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R2-S11, 17.4R3-S1" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S10" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S3" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S1" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S3, 18.4R3" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R2-S1, 19.1R3" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R1-S3, 19.2R2" }, { "platform": "MX Series, EX9200 Series, SRX4600", "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects the following platforms and line cards: * MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020 * MX204, MX10003, MX10008, MX10016 * EX9200, EX9251 * SRX4600 No other products or platforms are affected by this vulnerability. An indication of this issue occurring can be seen in the system log messages, as shown below: user@host\u003e show log messages | match \"Failed to complete DFE tuning\" fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3) and interface will be in a permanently down state: user@host\u003e show interfaces et-4/1/6 terse Interface Admin Link Proto Local Remote et-4/1/6 up down et-4/1/6.0 up down aenet --\u003e ae101.0 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-755 Improper Handling of Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11192", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11192" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 16.1R7-S7, 17.2R3-S3, 17.3R3-S8, 17.4R2-S11, 17.4R3-S1, 17.4R3-S5, 18.1R3-S10, 18.2R3-S3, 18.2R3-S8, 18.3R3-S1, 18.4R2-S3, 18.4R3, 19.1R2-S1, 19.1R3, 19.2R1-S3, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases." } ], "source": { "advisory": "JSA11192", "defect": [ "1463015" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0290", "datePublished": "2021-07-15T20:01:07.184250Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T20:53:25.963Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0285 (GCVE-0-2021-0285)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. An indication that the system could be impacted by this issue is the following log message: "DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc <fpc number> for <n> times, started at <timestamp>" This issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R1-S1, 20.4R2.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 15.1 < 15.1R7-S9 Version: 17.3 < 17.3R3-S11 Version: 17.4 < 17.4R2-S13, 17.4R3-S5 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S8, 18.4R3-S7 Version: 19.1 < 19.1R3-S5 Version: 19.2 < 19.2R1-S6, 19.2R3-S2 Version: 19.3 < 19.3R2-S6, 19.3R3-S2 Version: 19.4 < 19.4R1-S4, 19.4R2-S4, 19.4R3-S2 Version: 20.1 < 20.1R2-S2, 20.1R3 Version: 20.2 < 20.2R2-S3, 20.2R3 Version: 20.3 < 20.3R2 Version: 20.4 < 20.4R1-S1, 20.4R2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.575Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11187" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "QFX5000 Series and EX4600 Series" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "15.1R7-S9", "status": "affected", "version": "15.1", "versionType": "custom" }, { "lessThan": "17.3R3-S11", "status": "affected", "version": "17.3", "versionType": "custom" }, { "lessThan": "17.4R2-S13, 17.4R3-S5", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.3R3-S5", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S8, 18.4R3-S7", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R1-S6, 19.2R3-S2", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R2-S6, 19.3R3-S2", "status": "affected", "version": "19.3", "versionType": "custom" }, { "lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3-S2", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R2-S2, 20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R2-S3, 20.2R3", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R1-S1, 20.4R2", "status": "affected", "version": "20.4", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "This issue only affects devices with ICCP configured:\n\n[ protocols iccp peer ]" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. An indication that the system could be impacted by this issue is the following log message: \"DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc \u003cfpc number\u003e for \u003cn\u003e times, started at \u003ctimestamp\u003e\" This issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R1-S1, 20.4R2." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:58", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11187" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S7, 19.1R3-S5, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1-S1, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11187", "defect": [ "1552877" ], "discovery": "USER" }, "title": "Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic", "workarounds": [ { "lang": "en", "value": "While no complete workaround exists, the risk of malicious exploitation can be reduced by filtering undesirable traffic using firewall filters and policers, or increase the bandwidth for the localnh DDOS queue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0285", "STATE": "PUBLIC", "TITLE": "Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "15.1", "version_value": "15.1R7-S9" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S11" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R2-S13, 17.4R3-S5" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S8, 18.4R3-S7" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S5" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R1-S6, 19.2R3-S2" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S2" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S2" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R2-S2, 20.1R3" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R2-S3, 20.2R3" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2" }, { "platform": "QFX5000 Series and EX4600 Series", "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R1-S1, 20.4R2" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "This issue only affects devices with ICCP configured:\n\n[ protocols iccp peer ]" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. An indication that the system could be impacted by this issue is the following log message: \"DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc \u003cfpc number\u003e for \u003cn\u003e times, started at \u003ctimestamp\u003e\" This issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R1-S1, 20.4R2." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-770 Allocation of Resources Without Limits or Throttling" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11187", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11187" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S7, 19.1R3-S5, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1-S1, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11187", "defect": [ "1552877" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "While no complete workaround exists, the risk of malicious exploitation can be reduced by filtering undesirable traffic using firewall filters and policers, or increase the bandwidth for the localnh DDOS queue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0285", "datePublished": "2021-07-15T20:00:58.517202Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T16:33:37.636Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0280 (GCVE-0-2021-0280)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 22:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-665 - Improper Initialization
Summary
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 17.4 < 17.4R3-S5 Version: 18.2 < 18.2R3-S8 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S8 Version: 19.1 < 19.1R3-S5 Version: 19.2 < 19.2R3-S2 Version: 19.3 < 19.3R3-S2 Version: 19.4 < 19.4R3-S2 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R2-S3, 20.2R3 Version: 20.3 < 20.3R2, 20.3R3 Version: 20.4 < 20.4R2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.548Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11184" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "PTX Series, QFX10K Series" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "17.4R3-S5", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.2R3-S8", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S5", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S8", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R3-S2", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R3-S2", "status": "affected", "version": "19.3", "versionType": "custom" }, { "lessThan": "19.4R3-S2", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R2-S3, 20.2R3", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2, 20.3R3", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2", "status": "affected", "version": "20.4", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "The examples of the config stanza affected by this issue:\n\n [system ddos-protection global]\n [system ddos-protection protocols]" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-665", "description": "CWE-665 Improper Initialization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:52", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11184" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.4R3-S5, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 19.1R3-S5, 19.2R3-S2, 19.3R3-S2, 19.4R3-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11184", "defect": [ "1564807" ], "discovery": "USER" }, "title": "Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine", "workarounds": [ { "lang": "en", "value": "The default ukern policer rate can be reduced by the CLI command:\n set system ddos-protection protocols \u003cprotocol-group\u003e \u003caggregate | packet-type\u003e bandwidth \u003cpackets-per-second\u003e burst \u003csize\u003e" } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0280", "STATE": "PUBLIC", "TITLE": "Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R3-S5" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S8" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S8" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S5" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R3-S2" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R3-S2" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R3-S2" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R3" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R2-S3, 20.2R3" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2, 20.3R3" }, { "platform": "PTX Series, QFX10K Series", "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "The examples of the config stanza affected by this issue:\n\n [system ddos-protection global]\n [system ddos-protection protocols]" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-665 Improper Initialization" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11184", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11184" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.4R3-S5, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 19.1R3-S5, 19.2R3-S2, 19.3R3-S2, 19.4R3-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11184", "defect": [ "1564807" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "The default ukern policer rate can be reduced by the CLI command:\n set system ddos-protection protocols \u003cprotocol-group\u003e \u003caggregate | packet-type\u003e bandwidth \u003cpackets-per-second\u003e burst \u003csize\u003e" } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0280", "datePublished": "2021-07-15T20:00:52.242253Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T22:40:56.537Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0282 (GCVE-0-2021-0282)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 12.3 < 12.3R12-S18 Version: 15.1 < 15.1R7-S9 Version: 17.3 < 17.3R3-S11 Version: 17.4 < 17.4R2-S13, 17.4R3-S4 Version: 18.1 < 18.1R3-S12 Version: 18.2 < 18.2R3-S7 Version: 18.3 < 18.3R3-S4 Version: 18.4 < 18.4R2-S6, 18.4R3-S6 Version: 19.1 < 19.1R3-S3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.556Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11186" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "12.3R12-S18", "status": "affected", "version": "12.3", "versionType": "custom" }, { "lessThan": "15.1R7-S9", "status": "affected", "version": "15.1", "versionType": "custom" }, { "lessThan": "17.3R3-S11", "status": "affected", "version": "17.3", "versionType": "custom" }, { "lessThan": "17.4R2-S13, 17.4R3-S4", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.1R3-S12", "status": "affected", "version": "18.1", "versionType": "custom" }, { "lessThan": "18.2R3-S7", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S4", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S6, 18.4R3-S6", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S3", "status": "affected", "version": "19.1", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "The examples of the config stanza affected by this issue:\n [ protocols bgp multipath ]\n [ protocols bgp group \u003cgroup-name\u003e multipath ] \nor\n [ protocols bgp group \u003cgroup-name\u003e family \u003cfamily\u003e add-path ]" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;" } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:55", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11186" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S18, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R3-S7, 18.3R3-S4, 18.4R2-S6, 18.4R3-S6, 19.1R3-S3, 19.2R1, and all subsequent releases." } ], "source": { "advisory": "JSA11186", "defect": [ "1412977" ], "discovery": "USER" }, "title": "Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled", "workarounds": [ { "lang": "en", "value": "BGP Multipath or add-path features can be disabled to mitigate this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0282", "STATE": "PUBLIC", "TITLE": "Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "12.3", "version_value": "12.3R12-S18" }, { "version_affected": "\u003c", "version_name": "15.1", "version_value": "15.1R7-S9" }, { "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S11" }, { "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R2-S13, 17.4R3-S4" }, { "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S12" }, { "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S7" }, { "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S4" }, { "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S6, 18.4R3-S6" }, { "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S3" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "The examples of the config stanza affected by this issue:\n [ protocols bgp multipath ]\n [ protocols bgp group \u003cgroup-name\u003e multipath ] \nor\n [ protocols bgp group \u003cgroup-name\u003e family \u003cfamily\u003e add-path ]" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;" } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11186", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11186" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S18, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R3-S7, 18.3R3-S4, 18.4R2-S6, 18.4R3-S6, 19.1R3-S3, 19.2R1, and all subsequent releases." } ], "source": { "advisory": "JSA11186", "defect": [ "1412977" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "BGP Multipath or add-path features can be disabled to mitigate this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0282", "datePublished": "2021-07-15T20:00:55.392811Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T19:35:43.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-8936 (GCVE-0-2019-8936)
Vulnerability from cvelistv5
Published
2019-05-15 15:37
Modified
2024-08-04 21:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NTP through 4.2.8p12 has a NULL Pointer Dereference.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T21:31:37.562Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201903-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201903-15" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "openSUSE-SU-2019:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html" }, { "name": "openSUSE-SU-2019:1158", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html" }, { "name": "FEDORA-2019-b0c7f0d94a", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/" }, { "name": "FEDORA-2019-694e3aa4e8", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/" }, { "name": "FEDORA-2019-f781d5c4c6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20190503-0001/" }, { "name": "FreeBSD-SA-19:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc" }, { "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:04.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/May/39" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.ntp.org/show_bug.cgi?id=3565" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K61363039" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" }, { "name": "USN-4563-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4563-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "NTP through 4.2.8p12 has a NULL Pointer Dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-07T15:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201903-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201903-15" }, { "tags": [ "x_refsource_MISC" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "openSUSE-SU-2019:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html" }, { "name": "openSUSE-SU-2019:1158", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html" }, { "name": "FEDORA-2019-b0c7f0d94a", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/" }, { "name": "FEDORA-2019-694e3aa4e8", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/" }, { "name": "FEDORA-2019-f781d5c4c6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20190503-0001/" }, { "name": "FreeBSD-SA-19:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc" }, { "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:04.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/May/39" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.ntp.org/show_bug.cgi?id=3565" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K61363039" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" }, { "name": "USN-4563-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4563-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-8936", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NTP through 4.2.8p12 has a NULL Pointer Dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201903-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201903-15" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice", "refsource": "MISC", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "openSUSE-SU-2019:1143", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html" }, { "name": "openSUSE-SU-2019:1158", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html" }, { "name": "FEDORA-2019-b0c7f0d94a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/" }, { "name": "FEDORA-2019-694e3aa4e8", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/" }, { "name": "FEDORA-2019-f781d5c4c6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/" }, { "name": "https://security.netapp.com/advisory/ntap-20190503-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190503-0001/" }, { "name": "FreeBSD-SA-19:04", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc" }, { "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:04.ntp", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/39" }, { "name": "http://bugs.ntp.org/show_bug.cgi?id=3565", "refsource": "CONFIRM", "url": "http://bugs.ntp.org/show_bug.cgi?id=3565" }, { "name": "http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html" }, { "name": "https://support.f5.com/csp/article/K61363039", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K61363039" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" }, { "name": "USN-4563-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4563-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-8936", "datePublished": "2019-05-15T15:37:31", "dateReserved": "2019-02-19T00:00:00", "dateUpdated": "2024-08-04T21:31:37.562Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-6925 (GCVE-0-2018-6925)
Vulnerability from cvelistv5
Published
2018-09-28 13:00
Modified
2024-09-17 00:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service
Summary
In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:17:17.338Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-21.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "FreeBSD", "vendor": "FreeBSD", "versions": [ { "status": "affected", "version": "11.2 before 11.2-RELEASE-p4" }, { "status": "affected", "version": "11.1 before 11.1-RELEASE-p15" }, { "status": "affected", "version": "10.x before 10.4-RELEASE-p13" } ] } ], "datePublic": "2018-09-27T00:00:00", "descriptions": [ { "lang": "en", "value": "In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash." } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-30T20:57:01", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-21.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secteam@freebsd.org", "DATE_PUBLIC": "2018-09-27T00:00:00", "ID": "CVE-2018-6925", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "FreeBSD", "version": { "version_data": [ { "version_value": "11.2 before 11.2-RELEASE-p4" }, { "version_value": "11.1 before 11.1-RELEASE-p15" }, { "version_value": "10.x before 10.4-RELEASE-p13" } ] } } ] }, "vendor_name": "FreeBSD" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of service" } ] } ] }, "references": { "reference_data": [ { "name": "https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc", "refsource": "CONFIRM", "url": "https://security.FreeBSD.org/advisories/FreeBSD-EN-18:11.listen.asc" }, { "name": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-21.html", "refsource": "MISC", "url": "https://www.flexera.com/company/secunia-research/advisories/SR-2018-21.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2018-6925", "datePublished": "2018-09-28T13:00:00Z", "dateReserved": "2018-02-12T00:00:00", "dateUpdated": "2024-09-17T00:26:16.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0288 (GCVE-0-2021-0288)
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-17 02:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition. This issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2;
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | Junos OS |
Version: 17.3 < 17.3R3-S12 Version: 17.4 < 17.4R2-S13, 17.4R3-S5 Version: 18.1 < 18.1R3-S13 Version: 18.2 < 18.2R3-S8 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S8, 18.4R3-S8 Version: 19.1 < 19.1R3-S5 Version: 19.2 < 19.2R3-S2 Version: 19.3 < 19.3R2-S6, 19.3R3-S3 Version: 19.4 < 19.4R1-S4, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R2-S2, 20.2R3 Version: 20.3 < 20.3R2 Version: 20.4 < 20.4R2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.686Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11190" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "MX Series, EX9200 Series" ], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "17.3R3-S12", "status": "affected", "version": "17.3", "versionType": "custom" }, { "lessThan": "17.4R2-S13, 17.4R3-S5", "status": "affected", "version": "17.4", "versionType": "custom" }, { "lessThan": "18.1R3-S13", "status": "affected", "version": "18.1", "versionType": "custom" }, { "lessThan": "18.2R3-S8", "status": "affected", "version": "18.2", "versionType": "custom" }, { "lessThan": "18.3R3-S5", "status": "affected", "version": "18.3", "versionType": "custom" }, { "lessThan": "18.4R2-S8, 18.4R3-S8", "status": "affected", "version": "18.4", "versionType": "custom" }, { "lessThan": "19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom" }, { "lessThan": "19.2R3-S2", "status": "affected", "version": "19.2", "versionType": "custom" }, { "lessThan": "19.3R2-S6, 19.3R3-S3", "status": "affected", "version": "19.3", "versionType": "custom" }, { "lessThan": "19.4R1-S4, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2", "status": "affected", "version": "19.4", "versionType": "custom" }, { "lessThan": "20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R2-S2, 20.2R3", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2", "status": "affected", "version": "20.4", "versionType": "custom" } ] } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition. This issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2;" } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:01:03", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11190" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R2-S4, 19.4R3-S2, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11190", "defect": [ "1556576" ], "discovery": "USER" }, "title": "Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet affecting Trio-based MPCs", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0288", "STATE": "PUBLIC", "TITLE": "Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet affecting Trio-based MPCs" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S12" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R2-S13, 17.4R3-S5" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S13" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "18.2", "version_value": "18.2R3-S8" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R2-S8, 18.4R3-S8" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S5" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "19.2", "version_value": "19.2R3-S2" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S3" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R3" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R2-S2, 20.2R3" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2" }, { "platform": "MX Series, EX9200 Series", "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition. This issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2;" } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11190", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11190" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R2-S4, 19.4R3-S2, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases." } ], "source": { "advisory": "JSA11190", "defect": [ "1556576" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0288", "datePublished": "2021-07-15T20:01:03.896300Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-17T02:10:46.812Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0276 (GCVE-0-2021-0276)
Vulnerability from cvelistv5
Published
2021-07-15 20:00
Modified
2024-09-16 19:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Juniper Networks | SBR Carrier |
Version: 8.4.1 < 8.4.1R19 Version: 8.5.0 < 8.5.0R10 Version: 8.6.0 < 8.6.0R4 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11180" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SBR Carrier", "vendor": "Juniper Networks", "versions": [ { "lessThan": "8.4.1R19", "status": "affected", "version": "8.4.1", "versionType": "custom" }, { "lessThan": "8.5.0R10", "status": "affected", "version": "8.5.0", "versionType": "custom" }, { "lessThan": "8.6.0R4", "status": "affected", "version": "8.6.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "This issue affects SBR Carrier with EAP authentication configured only when using Enhanced EAP Logging and TraceLevel setting of 2.\n\n \u003cSBR_Installed_Directory\u003e/JNPRsbr/radius/radius.ini\n [Logging]\n LogLevel=2\n TraceLevel=2\n EnhancedEAPLogging = yes" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:00:45", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11180" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases." } ], "source": { "advisory": "JSA11180", "defect": [ "1465201" ], "discovery": "USER" }, "title": "Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.", "workarounds": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0276", "STATE": "PUBLIC", "TITLE": "Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured." }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SBR Carrier", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "8.4.1", "version_value": "8.4.1R19" }, { "version_affected": "\u003c", "version_name": "8.5.0", "version_value": "8.5.0R10" }, { "version_affected": "\u003c", "version_name": "8.6.0", "version_value": "8.6.0R4" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "This issue affects SBR Carrier with EAP authentication configured only when using Enhanced EAP Logging and TraceLevel setting of 2.\n\n \u003cSBR_Installed_Directory\u003e/JNPRsbr/radius/radius.ini\n [Logging]\n LogLevel=2\n TraceLevel=2\n EnhancedEAPLogging = yes" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-121 Stack-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11180", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11180" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases." } ], "source": { "advisory": "JSA11180", "defect": [ "1465201" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no viable workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0276", "datePublished": "2021-07-15T20:00:45.706473Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T19:00:01.867Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-0287 (GCVE-0-2021-0287)
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-16 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
Juniper Networks | Junos OS |
Patch: unspecified < 19.4R1 Version: 19.4R1 < 19.4* Version: 20.1 < 20.1R2-S1, 20.1R3 Version: 20.2 < 20.2R2-S2, 20.2R3 Version: 20.3 < 20.3R2 |
|||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:32:10.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11189" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "19.4R1", "status": "unaffected", "version": "unspecified", "versionType": "custom" }, { "changes": [ { "at": "19.4R1-S4, 19.4R3-S2", "status": "unaffected" } ], "lessThan": "19.4*", "status": "affected", "version": "19.4R1", "versionType": "custom" }, { "lessThan": "20.1R2-S1, 20.1R3", "status": "affected", "version": "20.1", "versionType": "custom" }, { "lessThan": "20.2R2-S2, 20.2R3", "status": "affected", "version": "20.2", "versionType": "custom" }, { "lessThan": "20.3R2", "status": "affected", "version": "20.3", "versionType": "custom" } ] }, { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "lessThan": "19.4R1-EVO", "status": "unaffected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "19.4*", "status": "affected", "version": "19.4R1-EVO", "versionType": "custom" }, { "lessThan": "20.1*", "status": "affected", "version": "20.1R1-EVO", "versionType": "custom" }, { "lessThan": "20.2*", "status": "affected", "version": "20.2R1-EVO", "versionType": "custom" }, { "lessThan": "20.3R2-EVO", "status": "affected", "version": "20.3", "versionType": "custom" }, { "lessThan": "20.4R2-EVO", "status": "affected", "version": "20.4", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "value": "The two config stanzas required to be affected by this issue are shown below:\n\n [ routing-options flex-algorithm \u003cname\u003e ]\n [ protocols isis source-packet-routing sensor-based-stats per-sid egress ]" } ], "datePublic": "2021-07-14T00:00:00", "descriptions": [ { "lang": "en", "value": "In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T20:01:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11189" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.4R1-S4, 19.4R3-S2, 20.1R2-S1, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11189", "defect": [ "1555627" ], "discovery": "USER" }, "title": "Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the network", "workarounds": [ { "lang": "en", "value": "Disabling IS-IS Flexible Algorithm for Segment Routing or sensor-based statistics will mitigate this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0287", "STATE": "PUBLIC", "TITLE": "Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the network" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003e", "version_name": "19.4", "version_value": "19.4R1" }, { "version_affected": "\u003c", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R3-S2" }, { "version_affected": "\u003c", "version_name": "20.1", "version_value": "20.1R2-S1, 20.1R3" }, { "version_affected": "\u003c", "version_name": "20.2", "version_value": "20.2R2-S2, 20.2R3" }, { "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2" }, { "version_affected": "!\u003c", "version_value": "19.4R1" } ] } }, { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "\u003e", "version_name": "19.4", "version_value": "19.4R1-EVO" }, { "version_affected": "\u003e", "version_name": "20.1", "version_value": "20.1R1-EVO" }, { "version_affected": "\u003e", "version_name": "20.2", "version_value": "20.2R1-EVO" }, { "version_affected": "\u003c", "version_name": "20.3", "version_value": "20.3R2-EVO" }, { "version_affected": "\u003c", "version_name": "20.4", "version_value": "20.4R2-EVO" }, { "version_affected": "!\u003c", "version_value": "19.4R1-EVO" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "configuration": [ { "lang": "en", "value": "The two config stanzas required to be affected by this issue are shown below:\n\n [ routing-options flex-algorithm \u003cname\u003e ]\n [ protocols isis source-packet-routing sensor-based-stats per-sid egress ]" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11189", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11189" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.4R1-S4, 19.4R3-S2, 20.1R2-S1, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." } ], "source": { "advisory": "JSA11189", "defect": [ "1555627" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "Disabling IS-IS Flexible Algorithm for Segment Routing or sensor-based statistics will mitigate this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-0287", "datePublished": "2021-07-15T20:01:01.666061Z", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-09-16T19:10:44.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…