fkie_cve-2021-31376
Vulnerability from fkie_nvd
Published
2021-10-19 19:15
Modified
2024-11-21 06:05
Severity ?
Summary
An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11241 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA11241 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:acx1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF19CB03-4A42-48BC-A6E1-A6F56D40F422",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "648CB4A2-05FA-4445-BB4F-F9285A8E8A5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F5683A-7DCC-4691-AD3A-F2B66684DA9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "154658D0-FE3E-43C1-8A4D-CAF67C9BCD98",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76E2CDA9-2379-482C-B509-D527AFE2C7D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36729286-5080-47E8-A961-976BF64F5A93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8DB691-C9F4-4084-8563-642A2F63DA86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5096:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B58F51-4F0D-40BD-A90F-226A26F4646E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en el proceso del Administrador del Motor de Reenv\u00edo de Paquetes (FXPC) de Juniper Networks Junos OS permite a un atacante causar una Denegaci\u00f3n de Servicio (DoS) mediante el env\u00edo de paquetes DHCPv6 espec\u00edficos al dispositivo y el bloqueo del servicio FXPC. La recepci\u00f3n y el procesamiento continuados de este paquete espec\u00edfico crear\u00e1n una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta s\u00f3lo a las siguientes plataformas de la serie ACX: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096. Otras plataformas ACX no est\u00e1n afectadas por este problema. Este problema afecta a Juniper Networks Junos OS en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: versi\u00f3n 18.4 18.4R3-S7 y versiones posteriores anteriores a 18.4R3-S8. Este problema no afecta: Juniper Networks Junos OS versiones 18.4 anteriores a 18.4R3-S7 en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096"
}
],
"id": "CVE-2021-31376",
"lastModified": "2024-11-21T06:05:33.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2021-10-19T19:15:10.840",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11241"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…