Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJuniperCVE-2021-31375
HistoryOct 19, 2021 - 7:15 p.m.

CVE-2021-31375

2021-10-1919:15:10
CWE-358
CWE-20
juniper
web.nvd.nist.gov
32
2
cve-2021-31375
improper input validation
juniper networks
junos os
bgp
rpki
rpki policy-checks
spoofed advertisement

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

36.1%

JSON

An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. This, in turn, may allow a spoofed advertisement to be accepted or propagated. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S3; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R2.

Affected configurations

Nvd
Node
juniperjunosMatch12.3-
OR
juniperjunosMatch12.3r1
OR
juniperjunosMatch12.3r10
OR
juniperjunosMatch12.3r10-s1
OR
juniperjunosMatch12.3r10-s2
OR
juniperjunosMatch12.3r11
OR
juniperjunosMatch12.3r12
OR
juniperjunosMatch12.3r12-s1
OR
juniperjunosMatch12.3r12-s10
OR
juniperjunosMatch12.3r12-s11
OR
juniperjunosMatch12.3r12-s12
OR
juniperjunosMatch12.3r12-s13
OR
juniperjunosMatch12.3r12-s14
OR
juniperjunosMatch12.3r12-s15
OR
juniperjunosMatch12.3r12-s16
OR
juniperjunosMatch12.3r12-s17
OR
juniperjunosMatch15.1-
OR
juniperjunosMatch15.1a1
OR
juniperjunosMatch15.1f
OR
juniperjunosMatch15.1f1
OR
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1f3
OR
juniperjunosMatch15.1f4
OR
juniperjunosMatch15.1f5
OR
juniperjunosMatch15.1f5-s7
OR
juniperjunosMatch15.1f6
OR
juniperjunosMatch15.1f6-s1
OR
juniperjunosMatch15.1f6-s10
OR
juniperjunosMatch15.1f6-s12
OR
juniperjunosMatch15.1f6-s2
OR
juniperjunosMatch15.1f6-s3
OR
juniperjunosMatch15.1f6-s4
OR
juniperjunosMatch15.1f6-s5
OR
juniperjunosMatch15.1f6-s6
OR
juniperjunosMatch15.1f6-s7
OR
juniperjunosMatch15.1f6-s8
OR
juniperjunosMatch15.1f6-s9
OR
juniperjunosMatch15.1f7
OR
juniperjunosMatch15.1r
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1r4
OR
juniperjunosMatch15.1r4-s7
OR
juniperjunosMatch15.1r4-s8
OR
juniperjunosMatch15.1r4-s9
OR
juniperjunosMatch15.1r5
OR
juniperjunosMatch15.1r5-s1
OR
juniperjunosMatch15.1r5-s3
OR
juniperjunosMatch15.1r5-s5
OR
juniperjunosMatch15.1r5-s6
OR
juniperjunosMatch15.1r6
OR
juniperjunosMatch15.1r6-s1
OR
juniperjunosMatch15.1r6-s2
OR
juniperjunosMatch15.1r6-s3
OR
juniperjunosMatch15.1r6-s4
OR
juniperjunosMatch15.1r6-s6
OR
juniperjunosMatch15.1r7
OR
juniperjunosMatch15.1r7-s1
OR
juniperjunosMatch15.1r7-s2
OR
juniperjunosMatch15.1r7-s3
OR
juniperjunosMatch15.1r7-s4
OR
juniperjunosMatch15.1r7-s5
OR
juniperjunosMatch15.1r7-s6
OR
juniperjunosMatch15.1r7-s7
OR
juniperjunosMatch15.1r7-s8
OR
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1
OR
juniperjunosMatch17.2r1-s1
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s3
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r1-s5
OR
juniperjunosMatch17.2r1-s6
OR
juniperjunosMatch17.2r1-s7
OR
juniperjunosMatch17.2r1-s8
OR
juniperjunosMatch17.2r2
OR
juniperjunosMatch17.2r2-s11
OR
juniperjunosMatch17.2r2-s4
OR
juniperjunosMatch17.2r2-s6
OR
juniperjunosMatch17.2r2-s7
OR
juniperjunosMatch17.2r3
OR
juniperjunosMatch17.2r3-s1
OR
juniperjunosMatch17.2r3-s2
OR
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r1
OR
juniperjunosMatch17.3r1-s1
OR
juniperjunosMatch17.3r1-s4
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
OR
juniperjunosMatch17.3r2-s3
OR
juniperjunosMatch17.3r2-s4
OR
juniperjunosMatch17.3r2-s5
OR
juniperjunosMatch17.3r3
OR
juniperjunosMatch17.3r3-
OR
juniperjunosMatch17.3r3-s1
OR
juniperjunosMatch17.3r3-s2
OR
juniperjunosMatch17.3r3-s3
OR
juniperjunosMatch17.3r3-s4
OR
juniperjunosMatch17.3r3-s5
OR
juniperjunosMatch17.3r3-s6
OR
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s3
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s5
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch17.4r2-s1
OR
juniperjunosMatch17.4r2-s2
OR
juniperjunosMatch17.4r2-s3
OR
juniperjunosMatch17.4r2-s4
OR
juniperjunosMatch17.4r2-s5
OR
juniperjunosMatch17.4r2-s6
OR
juniperjunosMatch17.4r2-s7
OR
juniperjunosMatch17.4r2-s8
OR
juniperjunosMatch18.1-
OR
juniperjunosMatch18.1r1
OR
juniperjunosMatch18.1r2
OR
juniperjunosMatch18.1r2-s1
OR
juniperjunosMatch18.1r2-s2
OR
juniperjunosMatch18.1r2-s4
OR
juniperjunosMatch18.1r3
OR
juniperjunosMatch18.1r3-s1
OR
juniperjunosMatch18.1r3-s10
OR
juniperjunosMatch18.1r3-s11
OR
juniperjunosMatch18.1r3-s12
OR
juniperjunosMatch18.1r3-s2
OR
juniperjunosMatch18.1r3-s3
OR
juniperjunosMatch18.1r3-s4
OR
juniperjunosMatch18.1r3-s5
OR
juniperjunosMatch18.1r3-s6
OR
juniperjunosMatch18.1r3-s7
OR
juniperjunosMatch18.1r3-s8
OR
juniperjunosMatch18.1r3-s9
OR
juniperjunosMatch18.2-
OR
juniperjunosMatch18.2r1
OR
juniperjunosMatch18.2r1-
OR
juniperjunosMatch18.2r1-s2
OR
juniperjunosMatch18.2r1-s3
OR
juniperjunosMatch18.2r1-s4
OR
juniperjunosMatch18.2r1-s5
OR
juniperjunosMatch18.2r2
OR
juniperjunosMatch18.2r2-s1
OR
juniperjunosMatch18.2r2-s2
OR
juniperjunosMatch18.2r2-s3
OR
juniperjunosMatch18.2r2-s4
OR
juniperjunosMatch18.2r2-s5
OR
juniperjunosMatch18.2r2-s6
OR
juniperjunosMatch18.2r2-s7
OR
juniperjunosMatch18.2r3
OR
juniperjunosMatch18.2r3-s1
OR
juniperjunosMatch18.2r3-s2
OR
juniperjunosMatch18.3-
OR
juniperjunosMatch18.3r1
OR
juniperjunosMatch18.3r1-s1
OR
juniperjunosMatch18.3r1-s2
OR
juniperjunosMatch18.3r1-s3
OR
juniperjunosMatch18.3r1-s4
OR
juniperjunosMatch18.3r1-s5
OR
juniperjunosMatch18.3r1-s6
OR
juniperjunosMatch18.3r2
OR
juniperjunosMatch18.3r2-s1
OR
juniperjunosMatch18.3r2-s2
OR
juniperjunosMatch18.3r2-s3
OR
juniperjunosMatch18.3r2-s4
OR
juniperjunosMatch18.3r3
OR
juniperjunosMatch18.4-
OR
juniperjunosMatch18.4r1
OR
juniperjunosMatch18.4r1-s1
OR
juniperjunosMatch18.4r1-s2
OR
juniperjunosMatch18.4r1-s3
OR
juniperjunosMatch18.4r1-s4
OR
juniperjunosMatch18.4r1-s5
OR
juniperjunosMatch18.4r1-s6
OR
juniperjunosMatch18.4r1-s7
OR
juniperjunosMatch18.4r2
OR
juniperjunosMatch18.4r2-s1
OR
juniperjunosMatch18.4r2-s2
OR
juniperjunosMatch18.4r2-s3
OR
juniperjunosMatch18.4r2-s4
OR
juniperjunosMatch18.4r2-s5
OR
juniperjunosMatch18.4r2-s6
OR
juniperjunosMatch18.4r2-s7
OR
juniperjunosMatch18.4r2-s8
OR
juniperjunosMatch19.1-
OR
juniperjunosMatch19.1r1
OR
juniperjunosMatch19.1r1-s1
OR
juniperjunosMatch19.1r1-s2
OR
juniperjunosMatch19.1r1-s3
OR
juniperjunosMatch19.1r1-s4
OR
juniperjunosMatch19.1r1-s5
OR
juniperjunosMatch19.1r1-s6
OR
juniperjunosMatch19.2-
OR
juniperjunosMatch19.2r1
OR
juniperjunosMatch19.2r1-s1
OR
juniperjunosMatch19.2r1-s2
OR
juniperjunosMatch19.2r1-s3
OR
juniperjunosMatch19.2r1-s4
OR
juniperjunosMatch19.2r1-s5
OR
juniperjunosMatch19.2r1-s6
OR
juniperjunosMatch19.3-
OR
juniperjunosMatch19.3r1
OR
juniperjunosMatch19.3r1-s1
VendorProductVersionCPE
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r10:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r10-s1:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r10-s2:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r12:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r12-s1:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r12-s10:*:*:*:*:*:*
juniperjunos12.3cpe:2.3:o:juniper:junos:12.3:r12-s11:*:*:*:*:*:*
Rows per page:
1-10 of 2121

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.3R12-S18",
        "status": "affected",
        "version": "12.3",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7-S9",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3-S3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S7",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S9, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S13",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R3-S3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R3-S1",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R3",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R2",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R2",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

Related

cvelist 1
nvd 1
prion 1
nessus 1
cvelist
cvelist
CVE-2021-31375 Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed
2021-10-19 18:17:13
nvd
nvd
CVE-2021-31375
2021-10-19 19:15:10
prion
prion
Input validation
2021-10-19 19:15:00
nessus
nessus
Juniper Junos OS Spoofing (JSA11240)
2022-03-25 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

36.1%

JSON
Related for CVE-2021-31375
cvelist1nvd1prion1nessus1