cvelistv5 - cve-2021-0202

CVE-2021-0202 (GCVE-0-2021-0202)

Vulnerability from cvelistv5 – Published: 2021-01-15 17:35 – Updated: 2024-09-17 00:31

Summary

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device> show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of “% NH mem Free” will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

juniper

References

URL

Tags

https://kb.juniper.net/JSA11092

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Affected: 17.3R3-S8 Affected: 17.4R3-S2 Unaffected: 18.1 Unaffected: 19.1 Unaffected: 19.3 Unaffected: 20.1 Affected: 18.2R3-S4 , < 18.2* (custom) Affected: 18.3R3-S2 , < 18.3* (custom) Affected: 18.4R3-S1 , < 18.4* (custom) Affected: 19.2R2 , < 19.2* (custom) Affected: 19.4R2 , < 19.4* (custom) Affected: 20.2R1 , < 20.2* (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:32:09.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11092"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "MX Series, EX9200 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "17.3R3-S8"
            },
            {
              "status": "affected",
              "version": "17.4R3-S2"
            },
            {
              "status": "unaffected",
              "version": "18.1"
            },
            {
              "status": "unaffected",
              "version": "19.1"
            },
            {
              "status": "unaffected",
              "version": "19.3"
            },
            {
              "status": "unaffected",
              "version": "20.1"
            },
            {
              "changes": [
                {
                  "at": "18.2R3-S6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "18.2*",
              "status": "affected",
              "version": "18.2R3-S4",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "18.3R3-S4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "18.3*",
              "status": "affected",
              "version": "18.3R3-S2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "18.4R3-S6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "18.4*",
              "status": "affected",
              "version": "18.4R3-S1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "19.2R3-S1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "19.2*",
              "status": "affected",
              "version": "19.2R2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "19.4R2-S3, 19.4R3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "19.4*",
              "status": "affected",
              "version": "19.4R2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "20.2R1-S3, 20.2R2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "20.2*",
              "status": "affected",
              "version": "20.2R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue may occur when the IRB interface is configured and mapped to a VPLS instance or a Bridge-Domain\n\nIn the scenario where the IRB interface is mapped to a Bridge-Domain, the minimum configuration stanzas required related to this issue are the following:\n  [bridge-domains \u003cdomain_name\u003e routing-interface  irb.\u003cunit_number\u003e]\nin combination with:\n  [bridge-domains \u003cdomain_name\u003e  domain-type bridge]\n\nIn the scenario where the IRB interface is mapped to a VPLS instance, the minimum configuration stanzas required related to this issue are the following:\n  [routing-instances \u003cinstance_name\u003e instance-type vpls]\nin combination with:\n  [routing-instances \u003cinstance_name\u003e routing-interface irb.\u003cunit_number\u003e]"
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-15T17:35:51",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA11092"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue:  17.3R3-S9, 17.4R3-S3, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.2R3-S1, 19.4R2-S3, 19.4R3, 20.2R1-S3, 20.2R2, 20.3R1, and all subsequent releases.\nThe fix has been proactively committed to other releases as well."
        }
      ],
      "source": {
        "advisory": "JSA11092",
        "defect": [
          "1525226"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: MX Series, EX9200 Series: Trio-based MPC memory leak when Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
          "ID": "CVE-2021-0202",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: MX Series, EX9200 Series: Trio-based MPC memory leak when Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "=",
                            "version_name": "17.3",
                            "version_value": "17.3R3-S8"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "=",
                            "version_name": "17.4",
                            "version_value": "17.4R3-S2"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "!",
                            "version_name": "18.1",
                            "version_value": "18.1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "18.2",
                            "version_value": "18.2R3-S4"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R3-S6"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "18.3",
                            "version_value": "18.3R3-S2"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R3-S4"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "18.4",
                            "version_value": "18.4R3-S1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R3-S6"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "!",
                            "version_name": "19.1",
                            "version_value": "19.1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "19.2",
                            "version_value": "19.2R2"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R3-S1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "!",
                            "version_name": "19.3",
                            "version_value": "19.3"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "19.4",
                            "version_value": "19.4R2"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "19.4",
                            "version_value": "19.4R2-S3, 19.4R3"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "!",
                            "version_name": "20.1",
                            "version_value": "20.1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003e=",
                            "version_name": "20.2",
                            "version_value": "20.2R1"
                          },
                          {
                            "platform": "MX Series, EX9200 Series",
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R1-S3, 20.2R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue may occur when the IRB interface is configured and mapped to a VPLS instance or a Bridge-Domain\n\nIn the scenario where the IRB interface is mapped to a Bridge-Domain, the minimum configuration stanzas required related to this issue are the following:\n  [bridge-domains \u003cdomain_name\u003e routing-interface  irb.\u003cunit_number\u003e]\nin combination with:\n  [bridge-domains \u003cdomain_name\u003e  domain-type bridge]\n\nIn the scenario where the IRB interface is mapped to a VPLS instance, the minimum configuration stanzas required related to this issue are the following:\n  [routing-instances \u003cinstance_name\u003e instance-type vpls]\nin combination with:\n  [routing-instances \u003cinstance_name\u003e routing-interface irb.\u003cunit_number\u003e]"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400 Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11092",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA11092"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue:  17.3R3-S9, 17.4R3-S3, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.2R3-S1, 19.4R2-S3, 19.4R3, 20.2R1-S3, 20.2R2, 20.3R1, and all subsequent releases.\nThe fix has been proactively committed to other releases as well."
          }
        ],
        "source": {
          "advisory": "JSA11092",
          "defect": [
            "1525226"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2021-0202",
    "datePublished": "2021-01-15T17:35:51.550389Z",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-09-17T00:31:32.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3-s8:*:*:*:*:*:*\", \"matchCriteriaId\": \"130E4A30-A19D-4D1E-B91C-575E8F43EA87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"11A24AA6-5378-4EEA-82D5-66A5F1110698\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"B783A510-A694-4BF0-8995-F05507F75A90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9CAAF7C-9876-473A-BE83-16EA8F00E8C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0BC4766-4BA4-4B02-A654-5C527EA66E9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB8263A9-5D63-46A2-9C98-B3980910B612\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"62E63730-F697-4FE6-936B-FD9B4F22EAE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"064A7052-4EF5-4BFB-88FF-8122AEECB6A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C58CCB-3BAA-4400-B371-556DF46DE69C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"28F7740D-C636-4FA3-8479-E5E039041DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F6DEA3-F07E-4FD0-87CB-4E8C0B768706\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCFA774-96EF-4018-82CF-95C807025C24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"76022948-4B07-43CB-824C-44E1AB3537CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D08A8D94-134A-41E7-8396-70D8B0735E9C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52699E2B-450A-431C-81E3-DC4483C8B4F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72C850A-0530-4DB7-A553-7E19F82122B5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FE2089C-F341-4DC1-B76D-633BC699306D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27175D9A-CA2C-4218-8042-835E25DFCA43\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2754C2DF-DF6E-4109-9463-38B4E0465B77\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"104858BD-D31D-40E0-8524-2EC311F10EAC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B557965-0040-4048-B56C-F564FF28635B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \\u201c% NH mem Free\\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.\"}, {\"lang\": \"es\", \"value\": \"En plataformas Juniper Networks Serie MX y Serie EX9200 con Trio-based MPC (Modular Port Concentrator), donde la interfaz Integrated Routing and Bridging (IRB) est\\u00e1 configurada y mapeada a una instancia VPLS o Bridge-Domain, determinados eventos de red en Customer Edge (CE) puede causar una p\\u00e9rdida de memoria en el MPC, lo que puede causar una falta de memoria y el reinicio del MPC.\u0026#xa0;Cuando este problema ocurre, habr\\u00e1 una interrupci\\u00f3n temporal del tr\\u00e1fico hasta que el MPC es restaurado.\u0026#xa0;Un administrador puede usar el siguiente comando CLI para monitorear el estado del nivel de uso de memoria del MPC: user@device) show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99. Cuando se produce el problema, el valor de \\u201c% NH mem Free\\u201d bajar\\u00e1 hasta que el MPC reinicie.\u0026#xa0;Este problema afecta la Serie MX y Serie EX9200 con Trio-based PFEs (Packet Forwarding Engines).\u0026#xa0;Consulte https://kb.juniper.net/KB25385 para visualizar la lista de PFE Trio-based.\u0026#xa0;Este problema afecta al Juniper Networks Junos OS en la Serie MX, Serie EX9200: versiones 17.3R3-S8;\u0026#xa0;17,4R3-S2;\u0026#xa0;18.2R3-S4, 18.2R3-S5;\u0026#xa0;18.3R3-S2, 18.3R3-S3;\u0026#xa0;18.4 versiones desde 18.4R3-S1 y versiones posteriores a 18.4R3-S6;\u0026#xa0;19.2 versiones desde 19.2R2 y versiones posteriores a 19.2R3-S1;\u0026#xa0;19.4 versiones a partir de 19.4R2 y versiones posteriores a 19.4R2-S3, 19.4R3;\u0026#xa0;20.2 versiones desde 20.2R1 y versiones posteriores a 20.2R1-S3,\u0026#xa0;20.2R2.\u0026#xa0;Este problema no afecta a Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1\"}]",
      "id": "CVE-2021-0202",
      "lastModified": "2024-11-21T05:42:11.437",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-01-15T18:15:14.370",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA11092\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11092\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-401\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-0202\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2021-01-15T18:15:14.370\",\"lastModified\":\"2024-11-21T05:42:11.437\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.\"},{\"lang\":\"es\",\"value\":\"En plataformas Juniper Networks Serie MX y Serie EX9200 con Trio-based MPC (Modular Port Concentrator), donde la interfaz Integrated Routing and Bridging (IRB) est\u00e1 configurada y mapeada a una instancia VPLS o Bridge-Domain, determinados eventos de red en Customer Edge (CE) puede causar una p\u00e9rdida de memoria en el MPC, lo que puede causar una falta de memoria y el reinicio del MPC.\u0026#xa0;Cuando este problema ocurre, habr\u00e1 una interrupci\u00f3n temporal del tr\u00e1fico hasta que el MPC es restaurado.\u0026#xa0;Un administrador puede usar el siguiente comando CLI para monitorear el estado del nivel de uso de memoria del MPC: user@device) show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99. Cuando se produce el problema, el valor de \u201c% NH mem Free\u201d bajar\u00e1 hasta que el MPC reinicie.\u0026#xa0;Este problema afecta la Serie MX y Serie EX9200 con Trio-based PFEs (Packet Forwarding Engines).\u0026#xa0;Consulte https://kb.juniper.net/KB25385 para visualizar la lista de PFE Trio-based.\u0026#xa0;Este problema afecta al Juniper Networks Junos OS en la Serie MX, Serie EX9200: versiones 17.3R3-S8;\u0026#xa0;17,4R3-S2;\u0026#xa0;18.2R3-S4, 18.2R3-S5;\u0026#xa0;18.3R3-S2, 18.3R3-S3;\u0026#xa0;18.4 versiones desde 18.4R3-S1 y versiones posteriores a 18.4R3-S6;\u0026#xa0;19.2 versiones desde 19.2R2 y versiones posteriores a 19.2R3-S1;\u0026#xa0;19.4 versiones a partir de 19.4R2 y versiones posteriores a 19.4R2-S3, 19.4R3;\u0026#xa0;20.2 versiones desde 20.2R1 y versiones posteriores a 20.2R1-S3,\u0026#xa0;20.2R2.\u0026#xa0;Este problema no afecta a Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"130E4A30-A19D-4D1E-B91C-575E8F43EA87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"11A24AA6-5378-4EEA-82D5-66A5F1110698\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B783A510-A694-4BF0-8995-F05507F75A90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9CAAF7C-9876-473A-BE83-16EA8F00E8C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0BC4766-4BA4-4B02-A654-5C527EA66E9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB8263A9-5D63-46A2-9C98-B3980910B612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E63730-F697-4FE6-936B-FD9B4F22EAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"064A7052-4EF5-4BFB-88FF-8122AEECB6A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C58CCB-3BAA-4400-B371-556DF46DE69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"28F7740D-C636-4FA3-8479-E5E039041DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F6DEA3-F07E-4FD0-87CB-4E8C0B768706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFA774-96EF-4018-82CF-95C807025C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76022948-4B07-43CB-824C-44E1AB3537CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D08A8D94-134A-41E7-8396-70D8B0735E9C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52699E2B-450A-431C-81E3-DC4483C8B4F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72C850A-0530-4DB7-A553-7E19F82122B5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE2089C-F341-4DC1-B76D-633BC699306D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27175D9A-CA2C-4218-8042-835E25DFCA43\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2754C2DF-DF6E-4109-9463-38B4E0465B77\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104858BD-D31D-40E0-8524-2EC311F10EAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B557965-0040-4048-B56C-F564FF28635B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11092\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11092\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2021-AVI-033

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks SRC Series versions antérieures à 4.12.0R6
Juniper Networks	N/A	Juniper Networks Contrail Networking versions antérieures à 1911.31
Juniper Networks	Junos OS Evolved	Juniper Junos OS Evolved versions antérieures à 19.3R2-S5-EVO, 19.4R2-S2-EVO, 20.1R1-S2-EVO, 20.1R1-S4-EVO, 20.1R2-S1-EVO, 20.2R1-EVO, 20.3R1-S1-EVO, 20.3R2-EVO et 20.4R1-EVO
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3R12-S17, 12.3X48-D105, 14.1X53-D53, 15.1R7-S6, 15.1R7-S7, 15.1R7-S8, 15.1X49-D230, 15.1X49-D240, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S11, 17.4R2-S12, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S9, 18.2R2-S7, 18.2R2-S8, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2X75-D34, 18.3R2-S4, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.4R1-S5, 18.4R1-S8, 18.4R2-S3, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 19.1R1-S4, 19.1R1-S5, 19.1R1-S6, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.2R1-S2, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R2-S1, 19.2R3, 19.2R3-S1, 19.3R2, 19.3R2-S1, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.4R1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R2-S1, 19.4R2-S2, 19.4R2-S3, 19.4R3, 19.4R3-S1, 20.1R1 , 20.1R1-S2, 20.1R1-S3, 20.1R1-S4, 20.1R2, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R1-S3, 20.2R2, 20.3R1, 20.3R1-S1, 20.3R2 et 20.4R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11096 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11098 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11097 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11094 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11104 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11099 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11093 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11101 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11088 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11092 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11091 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11100 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11095 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11090 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11102 du 13 janvier 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks SRC Series versions ant\u00e9rieures \u00e0 4.12.0R6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 1911.31",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS Evolved versions ant\u00e9rieures \u00e0 19.3R2-S5-EVO, 19.4R2-S2-EVO, 20.1R1-S2-EVO, 20.1R1-S4-EVO, 20.1R2-S1-EVO, 20.2R1-EVO, 20.3R1-S1-EVO, 20.3R2-EVO et 20.4R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S17, 12.3X48-D105, 14.1X53-D53, 15.1R7-S6, 15.1R7-S7, 15.1R7-S8, 15.1X49-D230, 15.1X49-D240, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S11, 17.4R2-S12, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S9, 18.2R2-S7, 18.2R2-S8, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2X75-D34, 18.3R2-S4, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.4R1-S5, 18.4R1-S8, 18.4R2-S3, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 19.1R1-S4, 19.1R1-S5, 19.1R1-S6, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.2R1-S2, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R2-S1, 19.2R3, 19.2R3-S1, 19.3R2, 19.3R2-S1, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.4R1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R2-S1, 19.4R2-S2, 19.4R2-S3, 19.4R3, 19.4R3-S1, 20.1R1 , 20.1R1-S2, 20.1R1-S3, 20.1R1-S4, 20.1R2, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R1-S3, 20.2R2, 20.3R1, 20.3R1-S1, 20.3R2 et 20.4R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0207"
    },
    {
      "name": "CVE-2021-0222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0222"
    },
    {
      "name": "CVE-2018-20997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20997"
    },
    {
      "name": "CVE-2010-0742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0742"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2021-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0206"
    },
    {
      "name": "CVE-2010-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4252"
    },
    {
      "name": "CVE-2015-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2019-11478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11478"
    },
    {
      "name": "CVE-2021-0202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0202"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2013-5607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5607"
    },
    {
      "name": "CVE-2021-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0211"
    },
    {
      "name": "CVE-2014-3567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3567"
    },
    {
      "name": "CVE-2020-8617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8617"
    },
    {
      "name": "CVE-2021-0203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0203"
    },
    {
      "name": "CVE-2021-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0205"
    },
    {
      "name": "CVE-2009-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
    },
    {
      "name": "CVE-2019-11479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11479"
    },
    {
      "name": "CVE-2021-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0209"
    },
    {
      "name": "CVE-2014-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8176"
    },
    {
      "name": "CVE-2019-11477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11477"
    },
    {
      "name": "CVE-2011-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4109"
    },
    {
      "name": "CVE-2010-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3864"
    },
    {
      "name": "CVE-2021-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0208"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2021-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0212"
    },
    {
      "name": "CVE-2020-8616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8616"
    },
    {
      "name": "CVE-2021-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0210"
    },
    {
      "name": "CVE-2014-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1545"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-033",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11096 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11096\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11098 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11098\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11097 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11097\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11094 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11094\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11104 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11104\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11099 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11099\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11093 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11093\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11101 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11101\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11088 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11088\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11092 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11092\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11091 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11091\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11100 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11100\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11095 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11095\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11090 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11090\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11102 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11102\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2021-AVI-033

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks SRC Series versions antérieures à 4.12.0R6
Juniper Networks	N/A	Juniper Networks Contrail Networking versions antérieures à 1911.31
Juniper Networks	Junos OS Evolved	Juniper Junos OS Evolved versions antérieures à 19.3R2-S5-EVO, 19.4R2-S2-EVO, 20.1R1-S2-EVO, 20.1R1-S4-EVO, 20.1R2-S1-EVO, 20.2R1-EVO, 20.3R1-S1-EVO, 20.3R2-EVO et 20.4R1-EVO
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3R12-S17, 12.3X48-D105, 14.1X53-D53, 15.1R7-S6, 15.1R7-S7, 15.1R7-S8, 15.1X49-D230, 15.1X49-D240, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S11, 17.4R2-S12, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S9, 18.2R2-S7, 18.2R2-S8, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2X75-D34, 18.3R2-S4, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.4R1-S5, 18.4R1-S8, 18.4R2-S3, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 19.1R1-S4, 19.1R1-S5, 19.1R1-S6, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.2R1-S2, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R2-S1, 19.2R3, 19.2R3-S1, 19.3R2, 19.3R2-S1, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.4R1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R2-S1, 19.4R2-S2, 19.4R2-S3, 19.4R3, 19.4R3-S1, 20.1R1 , 20.1R1-S2, 20.1R1-S3, 20.1R1-S4, 20.1R2, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R1-S3, 20.2R2, 20.3R1, 20.3R1-S1, 20.3R2 et 20.4R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11096 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11098 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11097 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11094 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11104 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11099 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11093 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11101 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11088 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11092 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11091 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11100 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11095 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11090 du 13 janvier 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11102 du 13 janvier 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks SRC Series versions ant\u00e9rieures \u00e0 4.12.0R6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 1911.31",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS Evolved versions ant\u00e9rieures \u00e0 19.3R2-S5-EVO, 19.4R2-S2-EVO, 20.1R1-S2-EVO, 20.1R1-S4-EVO, 20.1R2-S1-EVO, 20.2R1-EVO, 20.3R1-S1-EVO, 20.3R2-EVO et 20.4R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S17, 12.3X48-D105, 14.1X53-D53, 15.1R7-S6, 15.1R7-S7, 15.1R7-S8, 15.1X49-D230, 15.1X49-D240, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S11, 17.4R2-S12, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S9, 18.2R2-S7, 18.2R2-S8, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2X75-D34, 18.3R2-S4, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.4R1-S5, 18.4R1-S8, 18.4R2-S3, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 19.1R1-S4, 19.1R1-S5, 19.1R1-S6, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.2R1-S2, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R2-S1, 19.2R3, 19.2R3-S1, 19.3R2, 19.3R2-S1, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.4R1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R2-S1, 19.4R2-S2, 19.4R2-S3, 19.4R3, 19.4R3-S1, 20.1R1 , 20.1R1-S2, 20.1R1-S3, 20.1R1-S4, 20.1R2, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R1-S3, 20.2R2, 20.3R1, 20.3R1-S1, 20.3R2 et 20.4R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0207"
    },
    {
      "name": "CVE-2021-0222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0222"
    },
    {
      "name": "CVE-2018-20997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20997"
    },
    {
      "name": "CVE-2010-0742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0742"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2021-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0206"
    },
    {
      "name": "CVE-2010-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4252"
    },
    {
      "name": "CVE-2015-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2019-11478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11478"
    },
    {
      "name": "CVE-2021-0202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0202"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2013-5607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5607"
    },
    {
      "name": "CVE-2021-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0211"
    },
    {
      "name": "CVE-2014-3567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3567"
    },
    {
      "name": "CVE-2020-8617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8617"
    },
    {
      "name": "CVE-2021-0203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0203"
    },
    {
      "name": "CVE-2021-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0205"
    },
    {
      "name": "CVE-2009-3245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3245"
    },
    {
      "name": "CVE-2019-11479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11479"
    },
    {
      "name": "CVE-2021-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0209"
    },
    {
      "name": "CVE-2014-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8176"
    },
    {
      "name": "CVE-2019-11477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11477"
    },
    {
      "name": "CVE-2011-4109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4109"
    },
    {
      "name": "CVE-2010-3864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3864"
    },
    {
      "name": "CVE-2021-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0208"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2021-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0212"
    },
    {
      "name": "CVE-2020-8616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8616"
    },
    {
      "name": "CVE-2021-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0210"
    },
    {
      "name": "CVE-2014-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1545"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-033",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11096 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11096\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11098 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11098\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11097 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11097\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11094 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11094\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11104 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11104\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11099 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11099\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11093 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11093\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11101 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11101\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11088 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11088\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11092 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11092\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11091 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11091\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11100 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11100\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11095 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11095\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11090 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11090\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11102 du 13 janvier 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11102\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GSD-2021-0202

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-0202

Aliases

CVE-2021-0202

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-0202",
    "description": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.",
    "id": "GSD-2021-0202"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-0202"
      ],
      "details": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.",
      "id": "GSD-2021-0202",
      "modified": "2023-12-13T01:23:07.590016Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
        "ID": "CVE-2021-0202",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: MX Series, EX9200 Series: Trio-based MPC memory leak when Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "=",
                          "version_name": "17.3",
                          "version_value": "17.3R3-S8"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "=",
                          "version_name": "17.4",
                          "version_value": "17.4R3-S2"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "!",
                          "version_name": "18.1",
                          "version_value": "18.1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "18.2",
                          "version_value": "18.2R3-S4"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "18.2",
                          "version_value": "18.2R3-S6"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "18.3",
                          "version_value": "18.3R3-S2"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "18.3",
                          "version_value": "18.3R3-S4"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "18.4",
                          "version_value": "18.4R3-S1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "18.4",
                          "version_value": "18.4R3-S6"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "!",
                          "version_name": "19.1",
                          "version_value": "19.1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "19.2",
                          "version_value": "19.2R2"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "19.2",
                          "version_value": "19.2R3-S1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "!",
                          "version_name": "19.3",
                          "version_value": "19.3"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "19.4",
                          "version_value": "19.4R2"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "19.4",
                          "version_value": "19.4R2-S3, 19.4R3"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "!",
                          "version_name": "20.1",
                          "version_value": "20.1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003e=",
                          "version_name": "20.2",
                          "version_value": "20.2R1"
                        },
                        {
                          "platform": "MX Series, EX9200 Series",
                          "version_affected": "\u003c",
                          "version_name": "20.2",
                          "version_value": "20.2R1-S3, 20.2R2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "This issue may occur when the IRB interface is configured and mapped to a VPLS instance or a Bridge-Domain\n\nIn the scenario where the IRB interface is mapped to a Bridge-Domain, the minimum configuration stanzas required related to this issue are the following:\n  [bridge-domains \u003cdomain_name\u003e routing-interface  irb.\u003cunit_number\u003e]\nin combination with:\n  [bridge-domains \u003cdomain_name\u003e  domain-type bridge]\n\nIn the scenario where the IRB interface is mapped to a VPLS instance, the minimum configuration stanzas required related to this issue are the following:\n  [routing-instances \u003cinstance_name\u003e instance-type vpls]\nin combination with:\n  [routing-instances \u003cinstance_name\u003e routing-interface irb.\u003cunit_number\u003e]\n\n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-400 Uncontrolled Resource Consumption"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA11092",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA11092"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue:  17.3R3-S9, 17.4R3-S3, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.2R3-S1, 19.4R2-S3, 19.4R3, 20.2R1-S3, 20.2R2, 20.3R1, and all subsequent releases.\nThe fix has been proactively committed to other releases as well."
        }
      ],
      "source": {
        "advisory": "JSA11092",
        "defect": [
          "1525226"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "There are no viable workarounds for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.2:r3-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r3-s8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.2:r3-s5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.3:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2021-0202"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-401"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11092",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA11092"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-08-05T18:30Z",
      "publishedDate": "2021-01-15T18:15Z"
    }
  }
}

FKIE_CVE-2021-0202

Vulnerability from fkie_nvd - Published: 2021-01-15 18:15 - Updated: 2024-11-21 05:42

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://kb.juniper.net/JSA11092	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA11092	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	17.3
juniper	junos	17.4
juniper	junos	18.2
juniper	junos	18.2
juniper	junos	18.3
juniper	junos	18.3
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	ex9200	-
juniper	mx10	-
juniper	mx10000	-
juniper	mx10003	-
juniper	mx104	-
juniper	mx150	-
juniper	mx2008	-
juniper	mx2010	-
juniper	mx2020	-
juniper	mx204	-
juniper	mx240	-
juniper	mx40	-
juniper	mx480	-
juniper	mx5	-
juniper	mx80	-
juniper	mx960	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s8:*:*:*:*:*:*",
              "matchCriteriaId": "130E4A30-A19D-4D1E-B91C-575E8F43EA87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "11A24AA6-5378-4EEA-82D5-66A5F1110698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "B783A510-A694-4BF0-8995-F05507F75A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C9CAAF7C-9876-473A-BE83-16EA8F00E8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A0BC4766-4BA4-4B02-A654-5C527EA66E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "BB8263A9-5D63-46A2-9C98-B3980910B612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "28F7740D-C636-4FA3-8479-E5E039041DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "81F6DEA3-F07E-4FD0-87CB-4E8C0B768706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7C71D2FA-B1A4-4004-807F-7B3BB347DF4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "512FB3D1-BA5B-4F73-BDB2-49D6889F5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08A8D94-134A-41E7-8396-70D8B0735E9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1."
    },
    {
      "lang": "es",
      "value": "En plataformas Juniper Networks Serie MX y Serie EX9200 con Trio-based MPC (Modular Port Concentrator), donde la interfaz Integrated Routing and Bridging (IRB) est\u00e1 configurada y mapeada a una instancia VPLS o Bridge-Domain, determinados eventos de red en Customer Edge (CE) puede causar una p\u00e9rdida de memoria en el MPC, lo que puede causar una falta de memoria y el reinicio del MPC.\u0026#xa0;Cuando este problema ocurre, habr\u00e1 una interrupci\u00f3n temporal del tr\u00e1fico hasta que el MPC es restaurado.\u0026#xa0;Un administrador puede usar el siguiente comando CLI para monitorear el estado del nivel de uso de memoria del MPC: user@device) show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99. Cuando se produce el problema, el valor de \u201c% NH mem Free\u201d bajar\u00e1 hasta que el MPC reinicie.\u0026#xa0;Este problema afecta la Serie MX y Serie EX9200 con Trio-based PFEs (Packet Forwarding Engines).\u0026#xa0;Consulte https://kb.juniper.net/KB25385 para visualizar la lista de PFE Trio-based.\u0026#xa0;Este problema afecta al Juniper Networks Junos OS en la Serie MX, Serie EX9200: versiones 17.3R3-S8;\u0026#xa0;17,4R3-S2;\u0026#xa0;18.2R3-S4, 18.2R3-S5;\u0026#xa0;18.3R3-S2, 18.3R3-S3;\u0026#xa0;18.4 versiones desde 18.4R3-S1 y versiones posteriores a 18.4R3-S6;\u0026#xa0;19.2 versiones desde 19.2R2 y versiones posteriores a 19.2R3-S1;\u0026#xa0;19.4 versiones a partir de 19.4R2 y versiones posteriores a 19.4R2-S3, 19.4R3;\u0026#xa0;20.2 versiones desde 20.2R1 y versiones posteriores a 20.2R1-S3,\u0026#xa0;20.2R2.\u0026#xa0;Este problema no afecta a Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1"
    }
  ],
  "id": "CVE-2021-0202",
  "lastModified": "2024-11-21T05:42:11.437",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-01-15T18:15:14.370",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11092"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-GGWM-QQ5R-J28W

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2022-08-06 00:00

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-0202"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-15T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device\u003e show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.",
  "id": "GHSA-ggwm-qq5r-j28w",
  "modified": "2022-08-06T00:00:38Z",
  "published": "2022-05-24T22:28:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0202"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11092"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-0202 (GCVE-0-2021-0202)

CERTFR-2021-AVI-033

Solution

CERTFR-2021-AVI-033

Solution

GSD-2021-0202

FKIE_CVE-2021-0202

GHSA-GGWM-QQ5R-J28W

Tags

Sightings

Nomenclature