Denial of service in Juniper Junos OS



Published: 2021-01-18
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-0207
CWE-ID CWE-399
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Juniper Junos OS
Operating systems & Components / Operating system

Vendor Juniper Networks, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Resource management error

EUVDB-ID: #VU49577

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0207

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices. As a result, certain traffic is not passed through the device upon receipt from an ingress interface filtering certain specific types of traffic, which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic.

Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious, and can be targeted to the device, or destined through it for the issue to occur.

This issues affects IPv4 and IPv6 traffic.

Mitigation

Install update from vendor's website.

Juniper Networks Junos OS:

  • 17.3 versions prior to 17.3R3-S7 on NFX250, QFX5K Series, EX4600;
  • 17.4 versions prior to 17.4R2-S11, 17.4R3-S3 on NFX250, QFX5K Series, EX4600;
  • 18.1 versions prior to 18.1R3-S9 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600;
  • 18.2 versions prior to 18.2R3-S3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600;
  • 18.3 versions prior to 18.3R3-S1 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.2 versions prior to 19.2R1-S5, 19.2R2 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.3 versions prior to 19.3R2-S3, 19.3R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.4 versions prior to 19.4R1-S2, 19.4R2 on NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series.

This issue does not affect Junos OS releases prior to 17.2R2.

Vulnerable software versions

Juniper Junos OS: 17.3 - 20.1

External links

http://kb.juniper.net/JSA11097


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###