#VU49577 Resource management error in Juniper Junos OS - CVE-2021-0207 

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU49577

#VU49577 Resource management error in Juniper Junos OS - CVE-2021-0207

Published: January 15, 2021 / Updated: January 18, 2021


Vulnerability identifier: #VU49577
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-0207
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Juniper Junos OS
Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices. As a result, certain traffic is not passed through the device upon receipt from an ingress interface filtering certain specific types of traffic, which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic.

Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious, and can be targeted to the device, or destined through it for the issue to occur.

This issues affects IPv4 and IPv6 traffic.


Remediation

Install update from vendor's website.

Juniper Networks Junos OS:

  • 17.3 versions prior to 17.3R3-S7 on NFX250, QFX5K Series, EX4600;
  • 17.4 versions prior to 17.4R2-S11, 17.4R3-S3 on NFX250, QFX5K Series, EX4600;
  • 18.1 versions prior to 18.1R3-S9 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4600;
  • 18.2 versions prior to 18.2R3-S3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600;
  • 18.3 versions prior to 18.3R3-S1 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.2 versions prior to 19.2R1-S5, 19.2R2 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.3 versions prior to 19.3R2-S3, 19.3R3 on NFX250, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series;
  • 19.4 versions prior to 19.4R1-S2, 19.4R2 on NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series.

This issue does not affect Junos OS releases prior to 17.2R2.


External links