Lucene search

JuniperCVE-2021-0206

HistoryJan 15, 2021 - 6:15 p.m.

CVE-2021-0206

2021-01-1518:15:14

CWE-476

juniper

web.nvd.nist.gov

cve-2021-0206

juniper networks

junos os

vulnerability

dos

nfx series

srx series

ssl proxy

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.9%

JSON

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured. This issue affects Juniper Networks Junos OS on NFX Series and SRX Series: 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S1; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS versions on NFX Series and SRX Series prior to 18.3R1.

Affected configurations

Nvd

Node

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

juniperjunosMatch18.3r1-s2

juniperjunosMatch18.3r1-s3

juniperjunosMatch18.3r1-s5

juniperjunosMatch18.3r1-s6

juniperjunosMatch18.3r2

juniperjunosMatch18.3r2-s1

juniperjunosMatch18.3r2-s2

juniperjunosMatch18.3r2-s3

juniperjunosMatch18.3r2-s4

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.3r3-s2

juniperjunosMatch18.3r3-s3

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r3

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r1-s5

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

AND

junipernfx150Match-

junipernfx250Match-

junipernfx350Match-

junipersrx1500Match-

junipersrx300Match-

junipersrx320Match-

junipersrx340Match-

junipersrx345Match-

junipersrx380Match-

junipersrx4100Match-

junipersrx4200Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

VendorProductVersionCPE
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*
juniperjunos18.3cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:-::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1-s1::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1-s2::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1-s3::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1-s5::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r1-s6::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r2::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r2-s1::::::
juniper	junos	18.3	cpe:2.3:o:juniper:junos:18.3:r2-s2::::::

Rows per page:

1-10 of 591

CNA Affected

[
  {
    "platforms": [
      "NFX Series, SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "18.3R3-S4",
            "status": "unaffected"
          }
        ],
        "lessThan": "18.3*",
        "status": "affected",
        "version": "18.3R1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R3-S1",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R1-S6, 19.1R2-S2, 19.1R3",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R1-S2, 19.2R2",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11096

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

41.9%

JSON

Related for CVE-2021-0206