Lucene search

[email protected]CVE-2021-0226

HistoryApr 22, 2021 - 8:15 p.m.

CVE-2021-0226

2021-04-2220:15:08

CWE-665

[email protected]

web.nvd.nist.gov

juniper networks

junos os

evolved devices

cve-2021-0226

ipv6

bgp

dos

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

42.4%

JSON

On Juniper Networks Junos OS Evolved devices, receipt of a specific IPv6 packet may cause an established IPv6 BGP session to terminate, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect IPv4 BGP sessions. This issue affects IBGP or EBGP peer sessions with IPv6. This issue affects: Juniper Networks Junos OS Evolved: 19.4 versions prior to 19.4R2-S3-EVO; 20.1 versions prior to 20.1R2-S3-EVO; 20.2 versions prior to 20.2R2-S1-EVO; 20.3 versions prior to 20.3R2-EVO. This issue does not affect Juniper Networks Junos OS releases.

Affected configurations

NVD

Node

juniperjunos_os_evolvedMatch20.1r1

juniperjunos_os_evolvedMatch20.1r1-s1

juniperjunos_os_evolvedMatch20.1r2

juniperjunos_os_evolvedMatch20.1r2-s1

juniperjunos_os_evolvedMatch20.1r2-s2

juniperjunos_os_evolvedMatch20.2r1

juniperjunos_os_evolvedMatch20.2r1-s1

juniperjunos_os_evolvedMatch20.2r2

juniperjunos_os_evolvedMatch20.3r1

juniperjunos_os_evolvedMatch20.3r1-s1

CPENameOperatorVersion
juniper:junos_os_evolvedjuniper junos os evolvedeq20.1
juniper:junos_os_evolvedjuniper junos os evolvedeq20.2
juniper:junos_os_evolvedjuniper junos os evolvedeq20.3

CPE	Name	Operator	Version
juniper:junos_os_evolved	juniper junos os evolved	eq	20.1
juniper:junos_os_evolved	juniper junos os evolved	eq	20.2
juniper:junos_os_evolved	juniper junos os evolved	eq	20.3

CNA Affected

[
  {
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "19.4R2-S3-EVO",
        "status": "affected",
        "version": "19.4-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2-S3-EVO",
        "status": "affected",
        "version": "20.1-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2R2-S1-EVO",
        "status": "affected",
        "version": "20.2-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3R2-EVO",
        "status": "affected",
        "version": "20.3-EVO",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11121

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

42.4%

JSON

Related for CVE-2021-0226

nessus1 prion1 cvelist1 nvd1