#VU49559 Memory leak in Juniper Junos OS


Published: 2021-01-15

Vulnerability identifier: #VU49559

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0202

CWE-ID: CWE-401

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Juniper Junos OS
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack on the target system.

The vulnerability exists due to a memory leak when an Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain. A remote attacker can trigger a memory leak in the MPC, which can cause an out-of-memory condition and MPC restarts.

Mitigation

Install updates from vendor's website.

This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series:

17.3R3-S8;

17.4R3-S2;

18.2R3-S4, 18.2R3-S5;

18.3R3-S2, 18.3R3-S3;

18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6;

19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1;

19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3;

20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2.

This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.
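
As an added example (not part of the advisory or of Juniper's tooling), the release list above can be encoded as a version check for triaging a device inventory. It assumes release strings of the form `18.4R3-S5` with an optional trailing build number, uses constructed hostnames, and checks the release only, not the platform or whether an IRB interface is mapped to a VPLS instance or Bridge-Domain.

```python
import re

# Affected releases for CVE-2021-0202, transcribed from the list above.
# Each train maps to a half-open range [first_affected, first_fixed) of
# (R, S) pairs; single named releases become one-step ranges.
AFFECTED = {
    "17.3": ((3, 8), (3, 9)),  # 17.3R3-S8
    "17.4": ((3, 2), (3, 3)),  # 17.4R3-S2
    "18.2": ((3, 4), (3, 6)),  # 18.2R3-S4, 18.2R3-S5
    "18.3": ((3, 2), (3, 4)),  # 18.3R3-S2, 18.3R3-S3
    "18.4": ((3, 1), (3, 6)),  # 18.4R3-S1 up to, not including, 18.4R3-S6
    "19.2": ((2, 0), (3, 1)),  # 19.2R2 up to, not including, 19.2R3-S1
    "19.4": ((2, 0), (2, 3)),  # 19.4R2 up to 19.4R2-S3; 19.4R3 is fixed
    "20.2": ((1, 0), (1, 3)),  # 20.2R1 up to 20.2R1-S3; 20.2R2 is fixed
}

# Assumed format: "<train>R<n>[-S<m>][.<build>]"; the build number is ignored.
VERSION_RE = re.compile(r"^(\d+\.\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")

def parse_release(version):
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos release string: {version!r}")
    train, r, s = m.groups()
    return train, (int(r), int(s or 0))

def is_affected(version):
    # Trains absent from AFFECTED (18.1, 19.1, 19.3, 20.1, ...) are not flagged.
    train, rs = parse_release(version)
    if train not in AFFECTED:
        return False
    low, high = AFFECTED[train]
    return low <= rs < high

def triage(inventory):
    # Returns (affected hosts, hosts whose release string needs manual review).
    affected, review = [], []
    for host, version in sorted(inventory.items()):
        try:
            if is_affected(version):
                affected.append(host)
        except ValueError:
            review.append(host)
    return affected, review

# Constructed inventory for illustration only.
SAMPLE = {"mx-core-1": "18.4R3-S5", "mx-core-2": "18.4R3-S6",
          "ex9200-agg-1": "19.4R2.6", "mx-edge-1": "20.2R2",
          "mx-lab-1": "20.2-EVO-unknown"}
```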

Vulnerable software versions

Juniper Junos OS: 18.3 - 18.3R3-S3, 20.3, 20.2 - 20.2R1-S2, 19.4 - 19.4R2-S8, 19.2 - 19.2R3, 18.4 - 18.4R3-S5, 17.4 - 17.4R3-S2, 18.2 - 18.2R3-S5, 17.3 - 17.3R3-S8


External links
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11092&cat=SIRT_1&actp=LIST


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

