CVE-2021-31376

Published Oct 19, 2021

Last updated 3 years ago

CVSS high 7.5

Overview

Description: An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096.
Source: sirt@juniper.net
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20
sirt@juniper.net: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:acx1000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF19CB03-4A42-48BC-A6E1-A6F56D40F422"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx1100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "648CB4A2-05FA-4445-BB4F-F9285A8E8A5D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx2100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9F5683A-7DCC-4691-AD3A-F2B66684DA9C"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx2200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "154658D0-FE3E-43C1-8A4D-CAF67C9BCD98"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx4000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "76E2CDA9-2379-482C-B509-D527AFE2C7D5"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36729286-5080-47E8-A961-976BF64F5A93"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx5048:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F8DB691-C9F4-4084-8563-642A2F63DA86"
          },
          {
            "criteria": "cpe:2.3:h:juniper:acx5096:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44B58F51-4F0D-40BD-A90F-226A26F4646E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References