Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-0225 |
CWE-ID | CWE-754 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Junos OS Evolved Operating systems & Components / Operating system |
Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU52307
Risk: Medium
CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-0225
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the stateless IP firewall filter does not work as expected. A remote attacker can cause the stateless firewall filter configuration which uses the action "policer" in certain combinations with other options to not take effect.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJunos OS Evolved: 19.1R1-EVO
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11120&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.