Main Vulnerability Database Vulnerabilities #VU52230

Resource exhaustion in Juniper Junos OS - CVE-2021-0238

Published: April 15, 2021

Vulnerability identifier: #VU52230

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-0238

CWE-ID: CWE-400

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications.

Remediation

Install updates from vendor's website.

External links

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11133&cat=SIRT_1&actp=LIST

Resource exhaustion in Juniper Junos OS - CVE-2021-0238

Description

Remediation

External links

Please verify you're human