#VU49576 Resource management error in Juniper Junos OS - CVE-2021-0203
Published: January 15, 2021 / Updated: January 18, 2021
Juniper Junos OS
Juniper Networks, Inc.
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources on Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG). The Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. A remote attacker can perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.
This issue affects Juniper Networks Junos OS on EX Series and QFX5K Series:
15.1 versions prior to 15.1R7-S7;
16.1 versions prior to 16.1R7-S8;
17.2 versions prior to 17.2R3-S4;
17.3 versions prior to 17.3R3-S8;
17.4 versions prior to 17.4R2-S11, 17.4R3-S2;
18.1 versions prior to 18.1R3-S10;
18.2 versions prior to 18.2R3-S5;
18.3 versions prior to 18.3R2-S4, 18.3R3-S2;
18.4 versions prior to 18.4R2-S5, 18.4R3-S3;
19.1 versions prior to 19.1R2-S2, 19.1R3-S2;
19.2 versions prior to 19.2R1-S5, 19.2R2-S1, 19.2R3;
19.3 versions prior to 19.3R2-S4, 19.3R3;
19.4 versions prior to 19.4R1-S3, 19.4R2-S1, 19.4R3;
20.1 versions prior to 20.1R1-S2, 20.1R2.