Lucene search

[email protected]NVD:CVE-2021-0208

HistoryJan 15, 2021 - 6:15 p.m.

CVE-2021-0208

2021-01-1518:15:14

CWE-20

[email protected]

web.nvd.nist.gov

improper input validation

routing protocol daemon

juniper networks junos os

denial of service

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

38.5%

JSON

An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition. Continued receipt of the packet will sustain the Denial of Service. This issue affects: Juniper Networks Junos OS: All versions prior to 17.3R3-S10 except 15.1X49-D240 for SRX series; 17.4 versions prior to 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R2-S7, 18.2R3-S4; 18.3 versions prior to 18.3R3-S2; 18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S2; 19.1 versions prior to 19.1R1-S5, 19.1R3-S3; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R2-S5, 19.3R3; 19.4 versions prior to 19.4R2-S2, 19.4R3-S1; 20.1 versions prior to 20.1R1-S4, 20.1R2; 15.1X49 versions prior to 15.1X49-D240 on SRX Series. Juniper Networks Junos OS Evolved: 19.3 versions prior to 19.3R2-S5-EVO; 19.4 versions prior to 19.4R2-S2-EVO; 20.1 versions prior to 20.1R1-S4-EVO.

Affected configurations

Nvd

Node

juniperjunosMatch15.1x49-

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d100

juniperjunosMatch15.1x49d110

juniperjunosMatch15.1x49d120

juniperjunosMatch15.1x49d130

juniperjunosMatch15.1x49d140

juniperjunosMatch15.1x49d15

juniperjunosMatch15.1x49d150

juniperjunosMatch15.1x49d160

juniperjunosMatch15.1x49d170

juniperjunosMatch15.1x49d180

juniperjunosMatch15.1x49d190

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d200

juniperjunosMatch15.1x49d210

juniperjunosMatch15.1x49d25

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x49d60

juniperjunosMatch15.1x49d65

juniperjunosMatch15.1x49d70

juniperjunosMatch15.1x49d75

juniperjunosMatch15.1x49d80

juniperjunosMatch15.1x49d90

juniperjunosMatch17.3-

juniperjunosMatch17.3r1-s1

juniperjunosMatch17.3r2

juniperjunosMatch17.3r2-s1

juniperjunosMatch17.3r2-s2

juniperjunosMatch17.3r2-s3

juniperjunosMatch17.3r2-s4

juniperjunosMatch17.3r2-s5

juniperjunosMatch17.3r3-

juniperjunosMatch17.3r3-s1

juniperjunosMatch17.3r3-s2

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.3r3-s4

juniperjunosMatch17.3r3-s7

juniperjunosMatch17.3r3-s8

juniperjunosMatch17.3r3-s9

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx320Match-

junipersrx340Match-

junipersrx345Match-

junipersrx380Match-

junipersrx4100Match-

junipersrx4200Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch17.4-

juniperjunosMatch17.4r1

juniperjunosMatch17.4r1-s1

juniperjunosMatch17.4r1-s2

juniperjunosMatch17.4r1-s4

juniperjunosMatch17.4r1-s5

juniperjunosMatch17.4r1-s6

juniperjunosMatch17.4r1-s7

juniperjunosMatch17.4r2

juniperjunosMatch17.4r2-s1

juniperjunosMatch17.4r2-s10

juniperjunosMatch17.4r2-s11

juniperjunosMatch17.4r2-s2

juniperjunosMatch17.4r2-s3

juniperjunosMatch17.4r2-s4

juniperjunosMatch17.4r2-s5

juniperjunosMatch17.4r2-s6

juniperjunosMatch17.4r2-s7

juniperjunosMatch17.4r2-s8

juniperjunosMatch17.4r2-s9

juniperjunosMatch17.4r3

juniperjunosMatch17.4r3-s1

juniperjunosMatch18.1-

juniperjunosMatch18.1r1

juniperjunosMatch18.1r2

juniperjunosMatch18.1r2-s1

juniperjunosMatch18.1r2-s2

juniperjunosMatch18.1r2-s4

juniperjunosMatch18.1r3

juniperjunosMatch18.1r3-s1

juniperjunosMatch18.1r3-s2

juniperjunosMatch18.1r3-s3

juniperjunosMatch18.1r3-s4

juniperjunosMatch18.1r3-s6

juniperjunosMatch18.1r3-s7

juniperjunosMatch18.1r3-s8

juniperjunosMatch18.1r3-s9

juniperjunosMatch18.2-

juniperjunosMatch18.2r1

juniperjunosMatch18.2r1-

juniperjunosMatch18.2r1-s3

juniperjunosMatch18.2r1-s4

juniperjunosMatch18.2r1-s5

juniperjunosMatch18.2r2

juniperjunosMatch18.2r2-s1

juniperjunosMatch18.2r2-s2

juniperjunosMatch18.2r2-s3

juniperjunosMatch18.2r2-s4

juniperjunosMatch18.2r2-s5

juniperjunosMatch18.2r2-s6

juniperjunosMatch18.2r3

juniperjunosMatch18.2r3-s1

juniperjunosMatch18.2r3-s2

juniperjunosMatch18.2r3-s3

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

juniperjunosMatch18.3r1-s2

juniperjunosMatch18.3r1-s3

juniperjunosMatch18.3r1-s5

juniperjunosMatch18.3r1-s6

juniperjunosMatch18.3r2

juniperjunosMatch18.3r2-s1

juniperjunosMatch18.3r2-s2

juniperjunosMatch18.3r2-s3

juniperjunosMatch18.3r2-s4

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s3

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r1-s7

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r2-s5

juniperjunosMatch18.4r3

juniperjunosMatch18.4r3-s1

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r3

juniperjunosMatch19.1r3-s1

juniperjunosMatch19.1r3-s2

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.2r2

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.3r2-s3

juniperjunosMatch19.3r2-s4

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

juniperjunosMatch19.4r2

juniperjunosMatch19.4r2-s1

juniperjunosMatch19.4r3

juniperjunosMatch20.1r1

juniperjunosMatch20.1r1-s1

juniperjunosMatch20.1r1-s2

juniperjunosMatch20.1r1-s3

juniperjunos_os_evolvedMatch19.3r1

juniperjunos_os_evolvedMatch19.3r2

juniperjunos_os_evolvedMatch19.4r1

juniperjunos_os_evolvedMatch19.4r2

juniperjunos_os_evolvedMatch19.4r2-s1

juniperjunos_os_evolvedMatch20.1-

juniperjunos_os_evolvedMatch20.1r1

juniperjunos_os_evolvedMatch20.1r1-s1

VendorProductVersionCPE
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:-::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d100::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d110::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d120::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d130::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d140::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d15::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d150::::::
juniper	junos	15.1x49	cpe:2.3:o:juniper:junos:15.1x49:d160::::::

Rows per page:

1-10 of 1851

References

kb.juniper.net/JSA11098

www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/corouted-bidirectional-edit-protocols-mpls.html

www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/disable-edit-protocols-rsvp.html

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

38.5%

JSON

Related for NVD:CVE-2021-0208

cve1 nessus1 prion1 cvelist1