CVE-2021-0209
Published Jan 15, 2021
Last updated 3 years ago
Overview
- Description
- In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). Continued receipt of these types of valid BGP update packets will cause an extended Denial of Service condition. RPD will require a restart to recover. An indicator of compromise is to see if the file rpd.re exists by issuing the command: show system core-dumps This issue affects: Juniper Networks Junos OS Evolved 19.4 versions prior to 19.4R2-S2-EVO; 20.1 versions prior to 20.1R1-S2-EVO, 20.1R2-S1-EVO. This issue does not affect Junos OS.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.7
- Impact score
- 6.9
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:N/I:N/A:C
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B14CED1-BEAF-4343-A05D-FB1E2B6AC955"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABB91C38-8C70-436A-83DB-42B8DF81D7D8"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AED25FB6-E3FA-4543-90B2-50068D683D50"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEBE159F-5D94-4C18-B922-331586BEA2CA"
}
],
"operator": "OR"
}
]
}
]