Lucene search

[email protected]CVE-2021-0229

HistoryApr 22, 2021 - 8:15 p.m.

CVE-2021-0229

2021-04-2220:15:08

CWE-400

[email protected]

web.nvd.nist.gov

cve-2021-0229

juniper networks

junos os

mqtt

dos

vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

39.5%

JSON

An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport (MQTT) server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service (DoS) by sending a stream of specific packets. A Juniper Extension Toolkit (JET) application designed with a listening port uses the Message Queue Telemetry Transport (MQTT) protocol to connect to a mosquitto broker that is running on Junos OS to subscribe for events. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 16.1R1 and later versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.

Affected configurations

NVD

Node

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r3-s10

juniperjunosMatch16.1r3-s11

juniperjunosMatch16.1r3-s8

juniperjunosMatch16.1r4

juniperjunosMatch16.1r4-s12

juniperjunosMatch16.1r4-s2

juniperjunosMatch16.1r4-s3

juniperjunosMatch16.1r4-s4

juniperjunosMatch16.1r4-s6

juniperjunosMatch16.1r4-s8

juniperjunosMatch16.1r4-s9

juniperjunosMatch16.1r5

juniperjunosMatch16.1r5-s4

juniperjunosMatch16.1r6

juniperjunosMatch16.1r6-s1

juniperjunosMatch16.1r6-s3

juniperjunosMatch16.1r6-s4

juniperjunosMatch16.1r6-s6

juniperjunosMatch16.1r7

juniperjunosMatch16.1r7-s2

juniperjunosMatch16.1r7-s3

juniperjunosMatch16.1r7-s4

juniperjunosMatch16.1r7-s5

juniperjunosMatch16.1r7-s6

juniperjunosMatch16.1r7-s7

juniperjunosMatch16.2-

juniperjunosMatch16.2r1

juniperjunosMatch16.2r1-s6

juniperjunosMatch16.2r2

juniperjunosMatch16.2r2-s1

juniperjunosMatch16.2r2-s10

juniperjunosMatch16.2r2-s2

juniperjunosMatch16.2r2-s5

juniperjunosMatch16.2r2-s6

juniperjunosMatch16.2r2-s7

juniperjunosMatch16.2r2-s8

juniperjunosMatch16.2r2-s9

juniperjunosMatch16.2r3

juniperjunosMatch17.1-

juniperjunosMatch17.1r1

juniperjunosMatch17.1r1-s7

juniperjunosMatch17.1r2

juniperjunosMatch17.1r2-s1

juniperjunosMatch17.1r2-s10

juniperjunosMatch17.1r2-s11

juniperjunosMatch17.1r2-s2

juniperjunosMatch17.1r2-s3

juniperjunosMatch17.1r2-s4

juniperjunosMatch17.1r2-s5

juniperjunosMatch17.1r2-s6

juniperjunosMatch17.1r2-s7

juniperjunosMatch17.1r2-s8

juniperjunosMatch17.1r2-s9

juniperjunosMatch17.1r3

juniperjunosMatch17.1r3-s1

juniperjunosMatch17.2-

juniperjunosMatch17.2r1

juniperjunosMatch17.2r1-s1

juniperjunosMatch17.2r1-s2

juniperjunosMatch17.2r1-s3

juniperjunosMatch17.2r1-s4

juniperjunosMatch17.2r1-s5

juniperjunosMatch17.2r1-s6

juniperjunosMatch17.2r1-s7

juniperjunosMatch17.2r1-s8

juniperjunosMatch17.2r2

juniperjunosMatch17.2r2-s11

juniperjunosMatch17.2r2-s4

juniperjunosMatch17.2r2-s6

juniperjunosMatch17.2r2-s7

juniperjunosMatch17.2r3

juniperjunosMatch17.2r3-s1

juniperjunosMatch17.2r3-s2

juniperjunosMatch17.2r3-s3

juniperjunosMatch17.3-

juniperjunosMatch17.3r1

juniperjunosMatch17.3r1-s1

juniperjunosMatch17.3r1-s4

juniperjunosMatch17.3r2

juniperjunosMatch17.3r2-s1

juniperjunosMatch17.3r2-s2

juniperjunosMatch17.3r2-s3

juniperjunosMatch17.3r2-s4

juniperjunosMatch17.3r2-s5

juniperjunosMatch17.3r3

juniperjunosMatch17.3r3-

juniperjunosMatch17.3r3-s1

juniperjunosMatch17.3r3-s10

juniperjunosMatch17.3r3-s2

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.3r3-s4

juniperjunosMatch17.3r3-s5

juniperjunosMatch17.3r3-s6

juniperjunosMatch17.3r3-s7

juniperjunosMatch17.3r3-s8

juniperjunosMatch17.3r3-s9

juniperjunosMatch17.4-

juniperjunosMatch17.4r1

juniperjunosMatch17.4r1-s1

juniperjunosMatch17.4r1-s2

juniperjunosMatch17.4r1-s3

juniperjunosMatch17.4r1-s4

juniperjunosMatch17.4r1-s5

juniperjunosMatch17.4r1-s6

juniperjunosMatch17.4r1-s7

juniperjunosMatch17.4r2

juniperjunosMatch17.4r2-s1

juniperjunosMatch17.4r2-s10

juniperjunosMatch17.4r2-s11

juniperjunosMatch17.4r2-s12

juniperjunosMatch17.4r2-s2

juniperjunosMatch17.4r2-s3

juniperjunosMatch17.4r2-s4

juniperjunosMatch17.4r2-s5

juniperjunosMatch17.4r2-s6

juniperjunosMatch17.4r2-s7

juniperjunosMatch17.4r2-s8

juniperjunosMatch17.4r2-s9

juniperjunosMatch17.4r3

juniperjunosMatch17.4r3-s1

juniperjunosMatch17.4r3-s2

juniperjunosMatch17.4r3-s3

juniperjunosMatch18.1-

juniperjunosMatch18.1r1

juniperjunosMatch18.1r2

juniperjunosMatch18.1r2-s1

juniperjunosMatch18.1r2-s2

juniperjunosMatch18.1r2-s4

juniperjunosMatch18.1r3

juniperjunosMatch18.1r3-s1

juniperjunosMatch18.1r3-s10

juniperjunosMatch18.1r3-s11

juniperjunosMatch18.1r3-s2

juniperjunosMatch18.1r3-s3

juniperjunosMatch18.1r3-s4

juniperjunosMatch18.1r3-s5

juniperjunosMatch18.1r3-s6

juniperjunosMatch18.1r3-s7

juniperjunosMatch18.1r3-s8

juniperjunosMatch18.1r3-s9

juniperjunosMatch18.2-

juniperjunosMatch18.2r1

juniperjunosMatch18.2r1-

juniperjunosMatch18.2r1-s2

juniperjunosMatch18.2r1-s3

juniperjunosMatch18.2r1-s4

juniperjunosMatch18.2r1-s5

juniperjunosMatch18.2r2

juniperjunosMatch18.2r2-s1

juniperjunosMatch18.2r2-s2

juniperjunosMatch18.2r2-s3

juniperjunosMatch18.2r2-s4

juniperjunosMatch18.2r2-s5

juniperjunosMatch18.2r2-s6

juniperjunosMatch18.2r2-s7

juniperjunosMatch18.2r3

juniperjunosMatch18.2r3-s1

juniperjunosMatch18.2r3-s2

juniperjunosMatch18.2r3-s3

juniperjunosMatch18.2r3-s4

juniperjunosMatch18.2r3-s5

juniperjunosMatch18.2r3-s6

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

juniperjunosMatch18.3r1-s2

juniperjunosMatch18.3r1-s3

juniperjunosMatch18.3r1-s4

juniperjunosMatch18.3r1-s5

juniperjunosMatch18.3r1-s6

juniperjunosMatch18.3r2

juniperjunosMatch18.3r2-s1

juniperjunosMatch18.3r2-s2

juniperjunosMatch18.3r2-s3

juniperjunosMatch18.3r2-s4

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.3r3-s2

juniperjunosMatch18.3r3-s3

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s3

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r1-s7

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r2-s5

juniperjunosMatch18.4r2-s6

juniperjunosMatch18.4r3

juniperjunosMatch18.4r3-s1

juniperjunosMatch18.4r3-s2

juniperjunosMatch18.4r3-s3

juniperjunosMatch18.4r3-s4

juniperjunosMatch18.4r3-s5

juniperjunosMatch18.4r3-s6

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r1-s5

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.1r3

juniperjunosMatch19.1r3-s1

juniperjunosMatch19.1r3-s2

juniperjunosMatch19.1r3-s3

juniperjunosMatch19.1r3-s4

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.2r1-s5

juniperjunosMatch19.2r2

juniperjunosMatch19.2r2-s1

juniperjunosMatch19.2r3

juniperjunosMatch19.2r3-s1

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.3r2-s3

juniperjunosMatch19.3r2-s4

juniperjunosMatch19.3r2-s5

juniperjunosMatch19.3r3

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

juniperjunosMatch19.4r2

juniperjunosMatch19.4r2-s1

juniperjunosMatch19.4r2-s2

juniperjunosMatch19.4r2-s3

juniperjunosMatch19.4r3

juniperjunosMatch19.4r3-s1

juniperjunosMatch20.1r1

juniperjunosMatch20.1r1-s1

juniperjunosMatch20.1r1-s2

juniperjunosMatch20.1r1-s3

juniperjunosMatch20.1r1-s4

juniperjunosMatch20.2r1

juniperjunosMatch20.2r1-s1

juniperjunosMatch20.2r1-s2

juniperjunosMatch20.2r2

juniperjunosMatch20.2r2-s1

juniperjunosMatch20.3r1

CPENameOperatorVersion
juniper:junosjuniper junoseq16.1
juniper:junosjuniper junoseq16.2
juniper:junosjuniper junoseq17.1
juniper:junosjuniper junoseq17.2
juniper:junosjuniper junoseq17.3
juniper:junosjuniper junoseq17.4
juniper:junosjuniper junoseq18.1
juniper:junosjuniper junoseq18.2
juniper:junosjuniper junoseq18.3
juniper:junosjuniper junoseq18.4

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	16.1
juniper:junos	juniper junos	eq	16.2
juniper:junos	juniper junos	eq	17.1
juniper:junos	juniper junos	eq	17.2
juniper:junos	juniper junos	eq	17.3
juniper:junos	juniper junos	eq	17.4
juniper:junos	juniper junos	eq	18.1
juniper:junos	juniper junos	eq	18.2
juniper:junos	juniper junos	eq	18.3
juniper:junos	juniper junos	eq	18.4

Rows per page:

1-10 of 171

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "16.1*",
        "status": "affected",
        "version": "16.1R1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S11",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S13, 17.4R3-S4",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S12",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2-S8, 18.2R3-S7",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R3-S4",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R3-S5",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R1-S6, 19.2R3-S2",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R3-S2",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R2-S4, 19.4R3-S2",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2-S1, 20.1R3",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2R2-S2, 20.2R3",
        "status": "affected",
        "version": "20.2",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3R1-S1, 20.3R2",
        "status": "affected",
        "version": "20.3",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11124

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

39.5%

JSON

Related for CVE-2021-0229

nvd1 prion1 cvelist1