Lucene search

JuniperCVELIST:CVE-2021-0287

HistoryJul 15, 2021 - 8:01 p.m.

CVE-2021-0287 Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the network

2021-07-1520:01:01

CWE-754

juniper

www.cve.org

juniper networks devices

denial of service

rpd crash

sr-isis/mpls

vulnerability

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "19.4R1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "19.4R1-S4, 19.4R3-S2",
            "status": "unaffected"
          }
        ],
        "lessThan": "19.4*",
        "status": "affected",
        "version": "19.4R1",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2-S1, 20.1R3",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2R2-S2, 20.2R3",
        "status": "affected",
        "version": "20.2",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3R2",
        "status": "affected",
        "version": "20.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "19.4R1-EVO",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4*",
        "status": "affected",
        "version": "19.4R1-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1*",
        "status": "affected",
        "version": "20.1R1-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2*",
        "status": "affected",
        "version": "20.2R1-EVO",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3R2-EVO",
        "status": "affected",
        "version": "20.3",
        "versionType": "custom"
      },
      {
        "lessThan": "20.4R2-EVO",
        "status": "affected",
        "version": "20.4",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11189

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

Related for CVELIST:CVE-2021-0287