Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-0272
HistoryApr 22, 2021 - 8:15 p.m.

CVE-2021-0272

2021-04-2220:15:10
CWE-401
[email protected]
web.nvd.nist.gov
22
juniper networks
junos os
qfx10002
qfx10008
denial of service
dos
security vulnerability
memory leak
cve-2021-0272

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.2%

JSON

A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators (FPCs) on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service (DoS) to the device. On QFX10002-32Q, QFX10002-60C, QFX10002-72Q devices the device will crash and restart. On QFX10008, QFX10016 devices, depending on the number of FPCs involved in an attack, one more more FPCs may crash and traffic through the device may be degraded in other ways, until the attack traffic stops. A reboot is required to restore service and clear the kernel memory. Continued receipt and processing of these genuine packets will create a sustained Denial of Service (DoS) condition. On QFX10008, QFX10016 devices, an indicator of compromise may be the existence of DCPFE core files. You can also monitor PFE memory utilization for incremental growth: user@qfx-RE:0% cprod -A fpc0 -c “show heap 0” | grep -i ke 0 3788a1b0 3221225048 2417120656 804104392 24 Kernel user@qfx-RE:0% cprod -A fpc0 -c “show heap 0” | grep -i ke 0 3788a1b0 3221225048 2332332200 888892848 27 Kernel This issue affects: Juniper Networks Junos OS on QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: 16.1 versions 16.1R1 and above prior to 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R3-S2; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2. This issue does not affect releases prior to Junos OS 16.1R1. This issue does not affect EX Series devices. This issue does not affect Junos OS Evolved.

Affected configurations

NVD
Node
juniperjunosMatch16.1r1
OR
juniperjunosMatch16.1r2
OR
juniperjunosMatch16.1r3
OR
juniperjunosMatch16.1r3-s10
OR
juniperjunosMatch16.1r3-s11
OR
juniperjunosMatch16.1r3-s8
OR
juniperjunosMatch16.1r4
OR
juniperjunosMatch16.1r4-s12
OR
juniperjunosMatch16.1r4-s2
OR
juniperjunosMatch16.1r4-s3
OR
juniperjunosMatch16.1r4-s4
OR
juniperjunosMatch16.1r4-s6
OR
juniperjunosMatch16.1r4-s8
OR
juniperjunosMatch16.1r4-s9
OR
juniperjunosMatch16.1r5
OR
juniperjunosMatch16.1r5-s4
OR
juniperjunosMatch16.1r6
OR
juniperjunosMatch16.1r6-s1
OR
juniperjunosMatch16.1r6-s3
OR
juniperjunosMatch16.1r6-s4
OR
juniperjunosMatch16.1r6-s6
OR
juniperjunosMatch16.1r7
OR
juniperjunosMatch16.1r7-s2
OR
juniperjunosMatch16.1r7-s3
OR
juniperjunosMatch16.1r7-s4
OR
juniperjunosMatch16.1r7-s5
OR
juniperjunosMatch16.1r7-s6
OR
juniperjunosMatch16.1r7-s7
OR
juniperjunosMatch16.1r7-s8
OR
juniperjunosMatch16.2-
OR
juniperjunosMatch16.2r1
OR
juniperjunosMatch16.2r1-s6
OR
juniperjunosMatch16.2r2
OR
juniperjunosMatch16.2r2-s1
OR
juniperjunosMatch16.2r2-s10
OR
juniperjunosMatch16.2r2-s2
OR
juniperjunosMatch16.2r2-s5
OR
juniperjunosMatch16.2r2-s6
OR
juniperjunosMatch16.2r2-s7
OR
juniperjunosMatch16.2r2-s8
OR
juniperjunosMatch16.2r2-s9
OR
juniperjunosMatch16.2r3
OR
juniperjunosMatch17.1-
OR
juniperjunosMatch17.1r1
OR
juniperjunosMatch17.1r1-s7
OR
juniperjunosMatch17.1r2
OR
juniperjunosMatch17.1r2-s1
OR
juniperjunosMatch17.1r2-s10
OR
juniperjunosMatch17.1r2-s11
OR
juniperjunosMatch17.1r2-s2
OR
juniperjunosMatch17.1r2-s3
OR
juniperjunosMatch17.1r2-s4
OR
juniperjunosMatch17.1r2-s5
OR
juniperjunosMatch17.1r2-s6
OR
juniperjunosMatch17.1r2-s7
OR
juniperjunosMatch17.1r2-s8
OR
juniperjunosMatch17.1r2-s9
OR
juniperjunosMatch17.1r3
OR
juniperjunosMatch17.1r3-s1
OR
juniperjunosMatch17.1r3-s2
OR
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1
OR
juniperjunosMatch17.2r1-s1
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s3
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r1-s5
OR
juniperjunosMatch17.2r1-s6
OR
juniperjunosMatch17.2r1-s7
OR
juniperjunosMatch17.2r1-s8
OR
juniperjunosMatch17.2r2
OR
juniperjunosMatch17.2r2-s11
OR
juniperjunosMatch17.2r2-s4
OR
juniperjunosMatch17.2r2-s6
OR
juniperjunosMatch17.2r2-s7
OR
juniperjunosMatch17.2r3
OR
juniperjunosMatch17.2r3-s1
OR
juniperjunosMatch17.2r3-s2
OR
juniperjunosMatch17.2r3-s3
OR
juniperjunosMatch17.2r3-s4
OR
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r1
OR
juniperjunosMatch17.3r1-s1
OR
juniperjunosMatch17.3r1-s4
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
OR
juniperjunosMatch17.3r2-s3
OR
juniperjunosMatch17.3r2-s4
OR
juniperjunosMatch17.3r2-s5
OR
juniperjunosMatch17.3r3
OR
juniperjunosMatch17.3r3-
OR
juniperjunosMatch17.3r3-s1
OR
juniperjunosMatch17.3r3-s10
OR
juniperjunosMatch17.3r3-s2
OR
juniperjunosMatch17.3r3-s3
OR
juniperjunosMatch17.3r3-s4
OR
juniperjunosMatch17.3r3-s5
OR
juniperjunosMatch17.3r3-s6
OR
juniperjunosMatch17.3r3-s7
OR
juniperjunosMatch17.3r3-s8
OR
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s3
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s5
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch17.4r2-s1
OR
juniperjunosMatch17.4r2-s10
OR
juniperjunosMatch17.4r2-s11
OR
juniperjunosMatch17.4r2-s2
OR
juniperjunosMatch17.4r2-s3
OR
juniperjunosMatch17.4r2-s4
OR
juniperjunosMatch17.4r2-s5
OR
juniperjunosMatch17.4r2-s6
OR
juniperjunosMatch17.4r2-s7
OR
juniperjunosMatch17.4r2-s8
OR
juniperjunosMatch17.4r2-s9
OR
juniperjunosMatch17.4r3
OR
juniperjunosMatch17.4r3-s1
OR
juniperjunosMatch18.1-
OR
juniperjunosMatch18.1r1
OR
juniperjunosMatch18.1r2
OR
juniperjunosMatch18.1r2-s1
OR
juniperjunosMatch18.1r2-s2
OR
juniperjunosMatch18.1r2-s4
OR
juniperjunosMatch18.1r3
OR
juniperjunosMatch18.1r3-s1
OR
juniperjunosMatch18.1r3-s10
OR
juniperjunosMatch18.1r3-s2
OR
juniperjunosMatch18.1r3-s3
OR
juniperjunosMatch18.1r3-s4
OR
juniperjunosMatch18.1r3-s5
OR
juniperjunosMatch18.1r3-s6
OR
juniperjunosMatch18.1r3-s7
OR
juniperjunosMatch18.1r3-s8
OR
juniperjunosMatch18.1r3-s9
OR
juniperjunosMatch18.2-
OR
juniperjunosMatch18.2r1
OR
juniperjunosMatch18.2r1-s2
OR
juniperjunosMatch18.2r1-s3
OR
juniperjunosMatch18.2r1-s4
OR
juniperjunosMatch18.2r1-s5
OR
juniperjunosMatch18.2r2
OR
juniperjunosMatch18.2r2-s1
OR
juniperjunosMatch18.2r2-s2
OR
juniperjunosMatch18.2r2-s3
OR
juniperjunosMatch18.2r2-s4
OR
juniperjunosMatch18.2r2-s5
OR
juniperjunosMatch18.2r2-s6
OR
juniperjunosMatch18.2r2-s7
OR
juniperjunosMatch18.2r3
OR
juniperjunosMatch18.2r3-s1
OR
juniperjunosMatch18.2r3-s2
OR
juniperjunosMatch18.2r3-s3
OR
juniperjunosMatch18.2r3-s4
OR
juniperjunosMatch18.3-
OR
juniperjunosMatch18.3r1
OR
juniperjunosMatch18.3r1-s1
OR
juniperjunosMatch18.3r1-s2
OR
juniperjunosMatch18.3r1-s3
OR
juniperjunosMatch18.3r1-s4
OR
juniperjunosMatch18.3r1-s5
OR
juniperjunosMatch18.3r1-s6
OR
juniperjunosMatch18.3r2
OR
juniperjunosMatch18.3r2-s1
OR
juniperjunosMatch18.3r2-s2
OR
juniperjunosMatch18.3r2-s3
OR
juniperjunosMatch18.3r2-s4
OR
juniperjunosMatch18.3r3
OR
juniperjunosMatch18.3r3-s1
OR
juniperjunosMatch18.3r3-s2
OR
juniperjunosMatch18.4-
OR
juniperjunosMatch18.4r1
OR
juniperjunosMatch18.4r1-s1
OR
juniperjunosMatch18.4r1-s2
OR
juniperjunosMatch18.4r1-s3
OR
juniperjunosMatch18.4r1-s4
OR
juniperjunosMatch18.4r1-s5
OR
juniperjunosMatch18.4r1-s6
OR
juniperjunosMatch18.4r1-s7
OR
juniperjunosMatch18.4r2
OR
juniperjunosMatch18.4r2-s1
OR
juniperjunosMatch18.4r2-s2
OR
juniperjunosMatch18.4r2-s3
OR
juniperjunosMatch18.4r2-s4
OR
juniperjunosMatch18.4r3
OR
juniperjunosMatch18.4r3-s1
OR
juniperjunosMatch18.4r3-s2
OR
juniperjunosMatch18.4r3-s3
OR
juniperjunosMatch19.1-
OR
juniperjunosMatch19.1r1
OR
juniperjunosMatch19.1r1-s1
OR
juniperjunosMatch19.1r1-s2
OR
juniperjunosMatch19.1r1-s3
OR
juniperjunosMatch19.1r1-s4
OR
juniperjunosMatch19.1r1-s5
OR
juniperjunosMatch19.1r2
OR
juniperjunosMatch19.1r2-s1
OR
juniperjunosMatch19.1r3
OR
juniperjunosMatch19.1r3-s1
OR
juniperjunosMatch19.2-
OR
juniperjunosMatch19.2r1
OR
juniperjunosMatch19.2r1-s1
OR
juniperjunosMatch19.2r1-s2
OR
juniperjunosMatch19.2r1-s3
OR
juniperjunosMatch19.2r1-s4
OR
juniperjunosMatch19.2r1-s5
OR
juniperjunosMatch19.2r2
OR
juniperjunosMatch19.2r2-s1
OR
juniperjunosMatch19.3-
OR
juniperjunosMatch19.3r1
OR
juniperjunosMatch19.3r1-s1
OR
juniperjunosMatch19.3r2
OR
juniperjunosMatch19.3r2-s1
OR
juniperjunosMatch19.3r2-s2
OR
juniperjunosMatch19.3r2-s3
OR
juniperjunosMatch19.3r2-s4
OR
juniperjunosMatch19.3r2-s5
OR
juniperjunosMatch19.4r1
OR
juniperjunosMatch19.4r1-s1
OR
juniperjunosMatch19.4r1-s2
OR
juniperjunosMatch19.4r2
OR
juniperjunosMatch19.4r2-s1
OR
juniperjunosMatch19.4r2-s2
OR
juniperjunosMatch19.4r2-s3
OR
juniperjunosMatch20.1r1
OR
juniperjunosMatch20.1r1-s1
OR
juniperjunosMatch20.1r1-s2
OR
juniperjunosMatch20.1r1-s3
OR
juniperjunosMatch20.1r1-s4
AND
juniperqfx10002-32qMatch-
OR
juniperqfx10002-60cMatch-
OR
juniperqfx10002-72qMatch-
OR
juniperqfx10008Match-
OR
juniperqfx10016Match-

CNA Affected

[
  {
    "platforms": [
      "QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "16.1R1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S9",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R3-S2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S11",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R3-S5",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R3-S3",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R2-S5, 18.4R3-S4",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R3-S2",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R3",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R3",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R3",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1R2",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1*",
        "status": "affected",
        "version": "16.1R1",
        "versionType": "custom"
      }
    ]
  }
]

Related

cvelist 1
nessus 1
nvd 1
prion 1
cvelist
cvelist
CVE-2021-0272 Junos OS: QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: In EVPN-VXLAN scenarios receipt of specific genuine packets by an adjacent attacker will cause a kernel memory leak in FPC.
2021-04-14 00:00:00
nessus
nessus
Juniper Junos OS Vulnerability (JSA11163)
2021-04-15 00:00:00
nvd
nvd
CVE-2021-0272
2021-04-22 20:15:10
prion
prion
Design/Logic Flaw
2021-04-22 20:15:00

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.2%

JSON
Related for CVE-2021-0272
cvelist1nessus1nvd1prion1