Lucene search

[email protected]CVE-2021-31367

HistoryOct 19, 2021 - 7:15 p.m.

CVE-2021-31367

2021-10-1919:15:09

CWE-401

[email protected]

web.nvd.nist.gov

cve-2021-31367

information security

vulnerability

juniper networks

denial of service

dos

packet forwarding engine

pfe

bgp

flowspec

memory leak

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

25.2%

JSON

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak. Once having run out of memory the FPC will crash and restart along with a core dump. Continued receipted of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos Evolved is not affected.

Affected configurations

NVD

Node

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s3

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r1-s7

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r2-s5

juniperjunosMatch18.4r2-s6

juniperjunosMatch18.4r2-s7

juniperjunosMatch18.4r2-s8

juniperjunosMatch18.4r3

juniperjunosMatch18.4r3-s1

juniperjunosMatch18.4r3-s2

juniperjunosMatch18.4r3-s3

juniperjunosMatch18.4r3-s4

juniperjunosMatch18.4r3-s5

juniperjunosMatch18.4r3-s6

juniperjunosMatch18.4r3-s7

juniperjunosMatch18.4r3-s8

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r1-s5

juniperjunosMatch19.1r1-s6

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.1r2-s2

juniperjunosMatch19.1r3

juniperjunosMatch19.1r3-s1

juniperjunosMatch19.1r3-s2

juniperjunosMatch19.1r3-s3

juniperjunosMatch19.1r3-s4

juniperjunosMatch19.1r3-s5

juniperjunosMatch19.1r3-s6

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.2r1-s5

juniperjunosMatch19.2r1-s6

juniperjunosMatch19.2r2

juniperjunosMatch19.2r2-s1

juniperjunosMatch19.2r3

juniperjunosMatch19.2r3-s1

juniperjunosMatch19.2r3-s2

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.3r2-s3

juniperjunosMatch19.3r2-s4

juniperjunosMatch19.3r2-s5

juniperjunosMatch19.3r3

juniperjunosMatch19.3r3-s1

juniperjunosMatch19.3r3-s2

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

juniperjunosMatch19.4r1-s3

juniperjunosMatch19.4r3

juniperjunosMatch19.4r3-s1

juniperjunosMatch19.4r3-s2

juniperjunosMatch19.4r3-s3

juniperjunosMatch19.4r3-s4

juniperjunosMatch19.4r3-s5

juniperjunosMatch20.1r1

juniperjunosMatch20.1r1-s1

juniperjunosMatch20.1r1-s2

juniperjunosMatch20.1r1-s3

juniperjunosMatch20.1r1-s4

juniperjunosMatch20.1r2

juniperjunosMatch20.1r2-s1

juniperjunosMatch20.2r1

juniperjunosMatch20.2r1-s1

juniperjunosMatch20.2r1-s2

juniperjunosMatch20.2r1-s3

juniperjunosMatch20.2r2

juniperjunosMatch20.2r2-s1

juniperjunosMatch20.2r2-s2

juniperjunosMatch20.2r2-s3

juniperjunosMatch20.2r3

juniperjunosMatch20.3r1

juniperjunosMatch20.3r1-s1

juniperjunosMatch20.3r2

juniperjunosMatch20.3r2-s1

juniperjunosMatch20.4r1

juniperjunosMatch20.4r1-s1

juniperjunosMatch20.4r2

juniperjunosMatch20.4r2-s1

juniperjunosMatch21.1r1

juniperjunosMatch21.1r1-s1

AND

juniperptx1000Match-

juniperptx10001-36mrMatch-

juniperptx10002Match-

juniperptx10003Match-

juniperptx10004Match-

juniperptx10008Match-

juniperptx10016Match-

juniperptx3000Match-

juniperptx5000Match-

CPENameOperatorVersion
juniper:junosjuniper junoseq18.4
juniper:junosjuniper junoseq19.1
juniper:junosjuniper junoseq19.2
juniper:junosjuniper junoseq19.3
juniper:junosjuniper junoseq19.4
juniper:junosjuniper junoseq20.1
juniper:junosjuniper junoseq20.2
juniper:junosjuniper junoseq20.3
juniper:junosjuniper junoseq20.4
juniper:junosjuniper junoseq21.1

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	18.4
juniper:junos	juniper junos	eq	19.1
juniper:junos	juniper junos	eq	19.2
juniper:junos	juniper junos	eq	19.3
juniper:junos	juniper junos	eq	19.4
juniper:junos	juniper junos	eq	20.1
juniper:junos	juniper junos	eq	20.2
juniper:junos	juniper junos	eq	20.3
juniper:junos	juniper junos	eq	20.4
juniper:junos	juniper junos	eq	21.1

CNA Affected

[
  {
    "platforms": [
      "PTX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "18.4R3-S9",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R3-S7",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R1-S7, 19.2R3-S3",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2-S6, 19.3R3-S3",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R1-S4, 19.4R3-S6",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2-S2, 20.1R3",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2R3-S1",
        "status": "affected",
        "version": "20.2",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3R3",
        "status": "affected",
        "version": "20.3",
        "versionType": "custom"
      },
      {
        "lessThan": "20.4R3",
        "status": "affected",
        "version": "20.4",
        "versionType": "custom"
      },
      {
        "lessThan": "21.1R2",
        "status": "affected",
        "version": "21.1",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11229

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

25.2%

JSON

Related for CVE-2021-31367

prion1 nvd1 nessus1 cvelist1