cvelistv5 - cve-2021-0236

CVE-2021-0236 (GCVE-0-2021-0236)

Vulnerability from cvelistv5 – Published: 2021-04-22 19:37 – Updated: 2024-09-16 19:15

Summary

Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-754 - Improper Check for Unusual or Exceptional Conditions
Denial of Service (DoS)

Assigner

juniper

References

URL

Tags

https://kb.juniper.net/JSA11131

x_refsource_MISC

Impacted products

Vendor

Product

Version

Juniper Networks

Junos OS

Unaffected: unspecified , < 18.4R1 (custom)
Affected: 18.4 , < 18.4R1-S8, 18.4R2-S7, 18.4R3-S7 (custom)
Affected: 19.1 , < 19.1R2-S2, 19.1R3-S4 (custom)
Affected: 19.2 , < 19.2R1-S6, 19.2R3-S2 (custom)
Affected: 19.3 , < 19.3R3-S2 (custom)
Affected: 19.4 , < 19.4R2-S4, 19.4R3-S1 (custom)
Affected: 20.1 , < 20.1R2, 20.1R3, 20.1R3-EVO (custom)
Affected: 20.2 , < 20.2R2, 20.2R3, 20.2R3-EVO (custom)
Affected: 20.3 , < 20.3R1-S1, 20.3R2, 20.3R2-EVO (custom)

Juniper Networks

Junos OS Evolved

Unaffected: unspecified , < 18.4R1-EVO (custom)
Affected: 20.3-EVO , < 20.3R2-EVO (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:32:10.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11131"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.4R1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R2-S2, 19.1R3-S4",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.2R1-S6, 19.2R3-S2",
              "status": "affected",
              "version": "19.2",
              "versionType": "custom"
            },
            {
              "lessThan": "19.3R3-S2",
              "status": "affected",
              "version": "19.3",
              "versionType": "custom"
            },
            {
              "lessThan": "19.4R2-S4, 19.4R3-S1",
              "status": "affected",
              "version": "19.4",
              "versionType": "custom"
            },
            {
              "lessThan": "20.1R2, 20.1R3, 20.1R3-EVO",
              "status": "affected",
              "version": "20.1",
              "versionType": "custom"
            },
            {
              "lessThan": "20.2R2, 20.2R3, 20.2R3-EVO",
              "status": "affected",
              "version": "20.2",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R1-S1, 20.3R2, 20.3R2-EVO",
              "status": "affected",
              "version": "20.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.4R1-EVO",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R2-EVO",
              "status": "affected",
              "version": "20.3-EVO",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The examples of the config stanza affected by this issue:\n  [ protocols bgp group \u003cgroup-name\u003e family inet6-vpn flow ]"
        }
      ],
      "datePublic": "2021-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-22T19:37:03",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.juniper.net/JSA11131"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S2, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1 and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11131",
        "defect": [
          "1537085"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: A specific BGP VPNv6 flowspec message causes routing protocol daemon (rpd) process to crash with a core.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not configure \"family inet6-vpn flow\" under BGP if no inet6-vpn routes are required to be received."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
          "ID": "CVE-2021-0236",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: A specific BGP VPNv6 flowspec message causes routing protocol daemon (rpd) process to crash with a core."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003c",
                            "version_value": "18.4R1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R2-S2, 19.1R3-S4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R1-S6, 19.2R3-S2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.3",
                            "version_value": "19.3R3-S2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.4",
                            "version_value": "19.4R2-S4, 19.4R3-S1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.1",
                            "version_value": "20.1R2, 20.1R3, 20.1R3-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R2, 20.2R3, 20.2R3-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.3",
                            "version_value": "20.3R1-S1, 20.3R2, 20.3R2-EVO"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Junos OS Evolved",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003c",
                            "version_value": "18.4R1-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.3-EVO",
                            "version_value": "20.3R2-EVO"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The examples of the config stanza affected by this issue:\n  [ protocols bgp group \u003cgroup-name\u003e family inet6-vpn flow ]"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11131",
              "refsource": "MISC",
              "url": "https://kb.juniper.net/JSA11131"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S2, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1 and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11131",
          "defect": [
            "1537085"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Do not configure \"family inet6-vpn flow\" under BGP if no inet6-vpn routes are required to be received."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2021-0236",
    "datePublished": "2021-04-22T19:37:03.319394Z",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-09-16T19:15:47.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"853F146A-9A0F-49B6-AFD2-9907434212F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE1F82EC-3222-4158-8923-59CDA1909A9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FE95D15-B5E5-4E74-9464-C72D8B646A6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"C012CD07-706A-4E1C-B399-C55AEF5C8309\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"75902119-60D0-49F8-8E01-666E0F75935A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D59D7A31-128B-4034-862B-8EF3CE3EE949\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C5E097B-B79E-4E6A-9291-C8CB9674FED5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"819FA3ED-F934-4B20-BC0E-D638ACCB7787\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D7D773A-4988-4D7C-A105-1885EBE14426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BD93674-9375-493E-BD6C-8AD41CC75DD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"34E28FD9-1089-42F7-8586-876DBEC965DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7E72C49-1849-4A6F-81BC-D03F06D47D6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"736B7A9F-E237-45AF-A6D6-84412475F481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"62E63730-F697-4FE6-936B-FD9B4F22EAE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"064A7052-4EF5-4BFB-88FF-8122AEECB6A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C58CCB-3BAA-4400-B371-556DF46DE69C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"28F7740D-C636-4FA3-8479-E5E039041DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F6DEA3-F07E-4FD0-87CB-4E8C0B768706\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C1601BB-CAB7-4C92-8416-1824BB85D820\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"768C0EB7-8456-4BF4-8598-3401A54D21DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"81439FE8-5405-45C2-BC04-9823D2009A77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E506138D-043E-485D-B485-94A2AB75F8E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EF3C901-3599-463F-BEFB-8858768DC195\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"02B42BE8-1EF2-47F7-9F10-DE486A017EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCAB79C9-6639-4ED0-BEC9-E7C8229DF977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8CF858F-84BB-4AEA-B829-FCF22C326160\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"5405F361-AB96-4477-AA0D-49B874324B39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E45E5421-2F6F-4AF9-8EB1-431A804FC649\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"93098975-4A06-4A72-8DF0-F2C5E1AF2F77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1F3AEE4-CEB8-4CAA-A48A-1B4647FFFCDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA3060F-1800-4A06-A453-FB8CE4B65312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"16FDE60B-7A99-4683-BC14-530B5B005F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E78E854-DDD3-4D1A-97AB-AEA70B9B811F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"59006503-B2CA-4F79-AC13-7C5615A74CE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3935A586-41BD-4FA5-9596-DED6F0864777\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B83FB539-BD7C-4BEE-9022-098F73902F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7659AC36-A5EA-468A-9793-C1EC914D36F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E018E1-568E-40F2-ADA5-F71509811879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9295AF3-A883-47C3-BAF8-3D82F719733E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC743EE4-8833-452A-94DB-655BF139F883\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE96A8EA-FFE3-4D8F-9266-21899149D634\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C12A75C6-2D00-4202-B861-00FF71585FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCFA774-96EF-4018-82CF-95C807025C24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"76022948-4B07-43CB-824C-44E1AB3537CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"758275F3-9457-45A2-8F57-65DCD659FC1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8328FDE6-9707-4142-B905-3B07C0E28E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41CD982F-E6F2-4951-9F96-A76C142DF08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C9BC697-C7C9-447D-9EBD-E9711462583E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C3245C5-9EE1-490C-B7C7-5C02F155DDD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"01A9BD92-5865-455D-9585-098DCFCC24DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"914D6984-1820-483B-AEB9-2C5257B5E900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"14C57D33-01BB-4190-B787-F5BDACE82AFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6480A5C9-3280-40C5-BC08-509555F28363\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D3C2D74-AF22-4BED-A0C5-089B5507D275\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.\"}, {\"lang\": \"es\", \"value\": \"Debido a una comprobaci\\u00f3n inapropiada de condiciones inusuales o excepcionales en Juniper Networks Junos OS y  Junos OS Evolved, el Routing Protocol Daemon (RPD), al recibir un paquete BGP espec\\u00edfico que coincide con un t\\u00e9rmino espec\\u00edfico en la configuraci\\u00f3n de flowpec, se bloquea y se reinicia causando una Denegaci\\u00f3n de Servicio (DoS).\u0026#xa0;La recepci\\u00f3n y el procesamiento continuo de este paquete crear\\u00e1n una condici\\u00f3n sostenida de Denegaci\\u00f3n de Servicio (DoS).\u0026#xa0;Este problema afecta solo a las implementaciones Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec.\u0026#xa0;Este problema afecta a: Juniper Networks Junos OS: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;\u0026#xa0;versiones 19.1 anteriores a 19.1R2-S2, 19.1R3-S4;\u0026#xa0;versiones 19.2  anteriores a 19.2R1-S6, 19.2R3-S2;\u0026#xa0;versiones 19.3 anteriores a 19.3R3-S2;\u0026#xa0;versiones 19.4 anteriores a 19.4R2-S4, 19.4R3-S1;\u0026#xa0;versiones 20.1 anteriores a 20.1R2, 20.1R3;\u0026#xa0;versiones 20.2 anteriores a 20.2R2, 20.2R3;\u0026#xa0;versiones 20.\u0026#xa0;3 anteriores a 20.3R1-S1, 20.3R2.\u0026#xa0;Juniper Networks Junos OS Evolved: todas las versiones posteriores a 18.4R1-EVO anteriores a 20.3R2-EVO.\u0026#xa0;Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 18.4R1.\u0026#xa0;Juniper Networks Junos OS Evolved versiones anteriores a 18.4R1-EVO\"}]",
      "id": "CVE-2021-0236",
      "lastModified": "2024-11-21T05:42:16.330",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:N/I:N/A:C\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-04-22T20:15:08.843",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA11131\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11131\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-0236\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2021-04-22T20:15:08.843\",\"lastModified\":\"2024-11-21T05:42:16.330\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.\"},{\"lang\":\"es\",\"value\":\"Debido a una comprobaci\u00f3n inapropiada de condiciones inusuales o excepcionales en Juniper Networks Junos OS y  Junos OS Evolved, el Routing Protocol Daemon (RPD), al recibir un paquete BGP espec\u00edfico que coincide con un t\u00e9rmino espec\u00edfico en la configuraci\u00f3n de flowpec, se bloquea y se reinicia causando una Denegaci\u00f3n de Servicio (DoS).\u0026#xa0;La recepci\u00f3n y el procesamiento continuo de este paquete crear\u00e1n una condici\u00f3n sostenida de Denegaci\u00f3n de Servicio (DoS).\u0026#xa0;Este problema afecta solo a las implementaciones Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec.\u0026#xa0;Este problema afecta a: Juniper Networks Junos OS: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;\u0026#xa0;versiones 19.1 anteriores a 19.1R2-S2, 19.1R3-S4;\u0026#xa0;versiones 19.2  anteriores a 19.2R1-S6, 19.2R3-S2;\u0026#xa0;versiones 19.3 anteriores a 19.3R3-S2;\u0026#xa0;versiones 19.4 anteriores a 19.4R2-S4, 19.4R3-S1;\u0026#xa0;versiones 20.1 anteriores a 20.1R2, 20.1R3;\u0026#xa0;versiones 20.2 anteriores a 20.2R2, 20.2R3;\u0026#xa0;versiones 20.\u0026#xa0;3 anteriores a 20.3R1-S1, 20.3R2.\u0026#xa0;Juniper Networks Junos OS Evolved: todas las versiones posteriores a 18.4R1-EVO anteriores a 20.3R2-EVO.\u0026#xa0;Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 18.4R1.\u0026#xa0;Juniper Networks Junos OS Evolved versiones anteriores a 18.4R1-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:C\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"853F146A-9A0F-49B6-AFD2-9907434212F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE1F82EC-3222-4158-8923-59CDA1909A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE95D15-B5E5-4E74-9464-C72D8B646A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C012CD07-706A-4E1C-B399-C55AEF5C8309\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"75902119-60D0-49F8-8E01-666E0F75935A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D59D7A31-128B-4034-862B-8EF3CE3EE949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C5E097B-B79E-4E6A-9291-C8CB9674FED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"819FA3ED-F934-4B20-BC0E-D638ACCB7787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7D773A-4988-4D7C-A105-1885EBE14426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BD93674-9375-493E-BD6C-8AD41CC75DD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E28FD9-1089-42F7-8586-876DBEC965DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7E72C49-1849-4A6F-81BC-D03F06D47D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"736B7A9F-E237-45AF-A6D6-84412475F481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E63730-F697-4FE6-936B-FD9B4F22EAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"064A7052-4EF5-4BFB-88FF-8122AEECB6A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C58CCB-3BAA-4400-B371-556DF46DE69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"28F7740D-C636-4FA3-8479-E5E039041DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F6DEA3-F07E-4FD0-87CB-4E8C0B768706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C1601BB-CAB7-4C92-8416-1824BB85D820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"768C0EB7-8456-4BF4-8598-3401A54D21DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"81439FE8-5405-45C2-BC04-9823D2009A77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E506138D-043E-485D-B485-94A2AB75F8E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF3C901-3599-463F-BEFB-8858768DC195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B42BE8-1EF2-47F7-9F10-DE486A017EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCAB79C9-6639-4ED0-BEC9-E7C8229DF977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8CF858F-84BB-4AEA-B829-FCF22C326160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5405F361-AB96-4477-AA0D-49B874324B39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E45E5421-2F6F-4AF9-8EB1-431A804FC649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"93098975-4A06-4A72-8DF0-F2C5E1AF2F77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F3AEE4-CEB8-4CAA-A48A-1B4647FFFCDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA3060F-1800-4A06-A453-FB8CE4B65312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FDE60B-7A99-4683-BC14-530B5B005F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E78E854-DDD3-4D1A-97AB-AEA70B9B811F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"59006503-B2CA-4F79-AC13-7C5615A74CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3935A586-41BD-4FA5-9596-DED6F0864777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83FB539-BD7C-4BEE-9022-098F73902F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7659AC36-A5EA-468A-9793-C1EC914D36F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E018E1-568E-40F2-ADA5-F71509811879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9295AF3-A883-47C3-BAF8-3D82F719733E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC743EE4-8833-452A-94DB-655BF139F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE96A8EA-FFE3-4D8F-9266-21899149D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12A75C6-2D00-4202-B861-00FF71585FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFA774-96EF-4018-82CF-95C807025C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76022948-4B07-43CB-824C-44E1AB3537CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"758275F3-9457-45A2-8F57-65DCD659FC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8328FDE6-9707-4142-B905-3B07C0E28E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD982F-E6F2-4951-9F96-A76C142DF08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C9BC697-C7C9-447D-9EBD-E9711462583E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C3245C5-9EE1-490C-B7C7-5C02F155DDD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"01A9BD92-5865-455D-9585-098DCFCC24DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"914D6984-1820-483B-AEB9-2C5257B5E900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"14C57D33-01BB-4190-B787-F5BDACE82AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6480A5C9-3280-40C5-BC08-509555F28363\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3C2D74-AF22-4BED-A0C5-089B5507D275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11131\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2021-AVI-290

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Junos OS versions antérieures à 12.3R12-S15, 12.3R12-S17, 12.3X48-D105, 12.3X48-D95, 14.1X53-D49, 15.1R7-S6, 15.1R7-S8, 15.1R7-S9, 15.1X49-D190, 15.1X49-D191, 15.1X49-D200, 15.1X49-D230, 15.1X49-D240, 15.1X53-D592, 16.1R7-S7, 16.1R7-S8, 16.1R8, 16.2R2-S11, 16.2R3, 17.1R2-S11, 17.1R2-S12, 17.1R3, 17.1R3-S2, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S11, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S10, 17.4R2-S12, 17.4R2-S13, 17.4R2-S6, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 17.4R3-S5, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S13, 18.1R3-S5, 18.1R3-S7, 18.1R3-S9, 18.2R2-S6, 18.2R2-S7, 18.2R2-S8, 18.2R3, 18.2R3-S1, 18.2R3-S3, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2R3-S8, 18.3R1-S7, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.3R3-S5, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R1-S8, 18.4R2, 18.4R2-S3, 18.4R2-S4, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R2-S8, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 18.4R3-S7, 19.1R1, 19.1R1-S3, 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.1R3-S4, 19.2R1, 19.2R1-S1, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R3, 19.2R3-S1, 19.2R3-S2, 19.3R1, 19.3R2, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.3R3-S2, 19.4R1, 19.4R1-S1, 19.4R1-S3, 19.4R2, 19.4R2-S2, 19.4R2-S4, 19.4R3, 19.4R3-S1, 19.4R3-S2, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R1-S3, 20.1R2, 20.1R2-S1, 20.1R3, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R2, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3, 20.3R1, 20.3R1-S1, 20.3R1-S2, 20.3R2, 20.3R3, 20.4R1, 20.4R1-S1, 20.4R2 et 21.1R1
Junos OS Evolved versions antérieures à 19.2R2-EVO, 19.4R2-EVO, 20.1R1-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R2-EVO et 21.1R1-EVO
Paragon Active Assurance Control Center versions antérieures à 2.35.6, 2.36.2 et 3.0.0
AppFormix versions antérieures à 3.1.22, 3.2.14 et 3.3.0

Les vulnérabilités CVE-2021-0248 (score CVSSv3 : 10, https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11141&cat=SIRT_1&actp=LIST) et CVE-2021-0254 (score CVSSv3 : 9.8, https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147&cat=SIRT_1&actp=LIST) sont les plus critiques de ce présent avis.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11160 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11152 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11154 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11162 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11150 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11130 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11163 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11144 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11155 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11133 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11166 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11164 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11157 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11137 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11151 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11145 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11132 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11158 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11128 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11153 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11143 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11129 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11136 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11156 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11159 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11134 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11131 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11141 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11146 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11142 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11127 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11138 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11147 du 14 avril 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3R12-S17, 12.3X48-D105, 12.3X48-D95, 14.1X53-D49, 15.1R7-S6, 15.1R7-S8, 15.1R7-S9, 15.1X49-D190, 15.1X49-D191, 15.1X49-D200, 15.1X49-D230, 15.1X49-D240, 15.1X53-D592, 16.1R7-S7, 16.1R7-S8, 16.1R8, 16.2R2-S11, 16.2R3, 17.1R2-S11, 17.1R2-S12, 17.1R3, 17.1R3-S2, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S11, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S10, 17.4R2-S12, 17.4R2-S13, 17.4R2-S6, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 17.4R3-S5, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S13, 18.1R3-S5, 18.1R3-S7, 18.1R3-S9, 18.2R2-S6, 18.2R2-S7, 18.2R2-S8, 18.2R3, 18.2R3-S1, 18.2R3-S3, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2R3-S8, 18.3R1-S7, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.3R3-S5, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R1-S8, 18.4R2, 18.4R2-S3, 18.4R2-S4, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R2-S8, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 18.4R3-S7, 19.1R1, 19.1R1-S3, 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.1R3-S4, 19.2R1, 19.2R1-S1, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R3, 19.2R3-S1, 19.2R3-S2, 19.3R1, 19.3R2, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.3R3-S2, 19.4R1, 19.4R1-S1, 19.4R1-S3, 19.4R2, 19.4R2-S2, 19.4R2-S4, 19.4R3, 19.4R3-S1, 19.4R3-S2, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R1-S3, 20.1R2, 20.1R2-S1, 20.1R3, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R2, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3, 20.3R1, 20.3R1-S1, 20.3R1-S2, 20.3R2, 20.3R3, 20.4R1, 20.4R1-S1, 20.4R2 et 21.1R1\u003c/li\u003e \u003cli\u003eJunos OS Evolved versions ant\u00e9rieures \u00e0 19.2R2-EVO, 19.4R2-EVO, 20.1R1-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R2-EVO et 21.1R1-EVO\u003c/li\u003e \u003cli\u003eParagon Active Assurance Control Center versions ant\u00e9rieures \u00e0 2.35.6, 2.36.2 et 3.0.0\u003c/li\u003e \u003cli\u003eAppFormix versions ant\u00e9rieures \u00e0 3.1.22, 3.2.14 et 3.3.0\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes vuln\u00e9rabilit\u00e9s\u00a0CVE-2021-0248 (score CVSSv3 : 10, \u003ca href=\"https://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11141\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\"\u003ehttps://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11141\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\u003c/a\u003e) et\u00a0CVE-2021-0254 (score CVSSv3 : 9.8, \u003ca href=\"https://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11147\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\"\u003ehttps://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11147\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\u003c/a\u003e) sont les plus critiques de ce pr\u00e9sent avis.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0250"
    },
    {
      "name": "CVE-2021-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0238"
    },
    {
      "name": "CVE-2021-0254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0254"
    },
    {
      "name": "CVE-2021-0263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0263"
    },
    {
      "name": "CVE-2021-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0243"
    },
    {
      "name": "CVE-2021-0273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0273"
    },
    {
      "name": "CVE-2021-0262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0262"
    },
    {
      "name": "CVE-2021-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0237"
    },
    {
      "name": "CVE-2021-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0264"
    },
    {
      "name": "CVE-2021-0248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0248"
    },
    {
      "name": "CVE-2021-0272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0272"
    },
    {
      "name": "CVE-2021-0233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0233"
    },
    {
      "name": "CVE-2021-0269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0269"
    },
    {
      "name": "CVE-2021-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0236"
    },
    {
      "name": "CVE-2021-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0251"
    },
    {
      "name": "CVE-2021-0244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0244"
    },
    {
      "name": "CVE-2021-0267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0267"
    },
    {
      "name": "CVE-2021-0253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0253"
    },
    {
      "name": "CVE-2021-0232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0232"
    },
    {
      "name": "CVE-2021-0260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0260"
    },
    {
      "name": "CVE-2021-0271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0271"
    },
    {
      "name": "CVE-2021-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0249"
    },
    {
      "name": "CVE-2021-0234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0234"
    },
    {
      "name": "CVE-2021-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0235"
    },
    {
      "name": "CVE-2021-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0239"
    },
    {
      "name": "CVE-2021-0266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0266"
    },
    {
      "name": "CVE-2021-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0259"
    },
    {
      "name": "CVE-2021-0265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0265"
    },
    {
      "name": "CVE-2021-0275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0275"
    },
    {
      "name": "CVE-2021-0268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0268"
    },
    {
      "name": "CVE-2021-0261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0261"
    },
    {
      "name": "CVE-2021-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0245"
    },
    {
      "name": "CVE-2021-0252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0252"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-290",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-04-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11160 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11160\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11152 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11152\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11154 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11154\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11162 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11162\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11150 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11150\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11130 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11130\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11163 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11163\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11144 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11144\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11155 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11155\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11133 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11133\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11166 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11166\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11164 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11164\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11157 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11157\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11137 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11137\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11151 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11151\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11145 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11145\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11132 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11132\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11158 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11158\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11128 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11128\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11153 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11153\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11143 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11143\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11129 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11129\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11136 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11136\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11156 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11156\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11159 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11159\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11134 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11134\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11131 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11131\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11141 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11141\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11146 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11146\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11142 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11142\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11127 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11127\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11138 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11138\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11147 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11147\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2021-AVI-290

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Junos OS versions antérieures à 12.3R12-S15, 12.3R12-S17, 12.3X48-D105, 12.3X48-D95, 14.1X53-D49, 15.1R7-S6, 15.1R7-S8, 15.1R7-S9, 15.1X49-D190, 15.1X49-D191, 15.1X49-D200, 15.1X49-D230, 15.1X49-D240, 15.1X53-D592, 16.1R7-S7, 16.1R7-S8, 16.1R8, 16.2R2-S11, 16.2R3, 17.1R2-S11, 17.1R2-S12, 17.1R3, 17.1R3-S2, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S11, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S10, 17.4R2-S12, 17.4R2-S13, 17.4R2-S6, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 17.4R3-S5, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S13, 18.1R3-S5, 18.1R3-S7, 18.1R3-S9, 18.2R2-S6, 18.2R2-S7, 18.2R2-S8, 18.2R3, 18.2R3-S1, 18.2R3-S3, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2R3-S8, 18.3R1-S7, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.3R3-S5, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R1-S8, 18.4R2, 18.4R2-S3, 18.4R2-S4, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R2-S8, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 18.4R3-S7, 19.1R1, 19.1R1-S3, 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.1R3-S4, 19.2R1, 19.2R1-S1, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R3, 19.2R3-S1, 19.2R3-S2, 19.3R1, 19.3R2, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.3R3-S2, 19.4R1, 19.4R1-S1, 19.4R1-S3, 19.4R2, 19.4R2-S2, 19.4R2-S4, 19.4R3, 19.4R3-S1, 19.4R3-S2, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R1-S3, 20.1R2, 20.1R2-S1, 20.1R3, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R2, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3, 20.3R1, 20.3R1-S1, 20.3R1-S2, 20.3R2, 20.3R3, 20.4R1, 20.4R1-S1, 20.4R2 et 21.1R1
Junos OS Evolved versions antérieures à 19.2R2-EVO, 19.4R2-EVO, 20.1R1-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R2-EVO et 21.1R1-EVO
Paragon Active Assurance Control Center versions antérieures à 2.35.6, 2.36.2 et 3.0.0
AppFormix versions antérieures à 3.1.22, 3.2.14 et 3.3.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11160 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11152 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11154 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11162 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11150 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11130 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11163 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11144 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11155 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11133 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11166 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11164 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11157 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11137 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11151 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11145 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11132 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11158 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11128 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11153 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11143 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11129 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11136 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11156 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11159 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11134 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11131 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11141 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11146 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11142 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11127 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11138 du 14 avril 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11147 du 14 avril 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3R12-S17, 12.3X48-D105, 12.3X48-D95, 14.1X53-D49, 15.1R7-S6, 15.1R7-S8, 15.1R7-S9, 15.1X49-D190, 15.1X49-D191, 15.1X49-D200, 15.1X49-D230, 15.1X49-D240, 15.1X53-D592, 16.1R7-S7, 16.1R7-S8, 16.1R8, 16.2R2-S11, 16.2R3, 17.1R2-S11, 17.1R2-S12, 17.1R3, 17.1R3-S2, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S11, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S10, 17.4R2-S12, 17.4R2-S13, 17.4R2-S6, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 17.4R3-S5, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S13, 18.1R3-S5, 18.1R3-S7, 18.1R3-S9, 18.2R2-S6, 18.2R2-S7, 18.2R2-S8, 18.2R3, 18.2R3-S1, 18.2R3-S3, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2R3-S8, 18.3R1-S7, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.3R3-S5, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R1-S8, 18.4R2, 18.4R2-S3, 18.4R2-S4, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R2-S8, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 18.4R3-S7, 19.1R1, 19.1R1-S3, 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.1R3-S4, 19.2R1, 19.2R1-S1, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R3, 19.2R3-S1, 19.2R3-S2, 19.3R1, 19.3R2, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.3R3-S2, 19.4R1, 19.4R1-S1, 19.4R1-S3, 19.4R2, 19.4R2-S2, 19.4R2-S4, 19.4R3, 19.4R3-S1, 19.4R3-S2, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R1-S3, 20.1R2, 20.1R2-S1, 20.1R3, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R2, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3, 20.3R1, 20.3R1-S1, 20.3R1-S2, 20.3R2, 20.3R3, 20.4R1, 20.4R1-S1, 20.4R2 et 21.1R1\u003c/li\u003e \u003cli\u003eJunos OS Evolved versions ant\u00e9rieures \u00e0 19.2R2-EVO, 19.4R2-EVO, 20.1R1-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R2-EVO et 21.1R1-EVO\u003c/li\u003e \u003cli\u003eParagon Active Assurance Control Center versions ant\u00e9rieures \u00e0 2.35.6, 2.36.2 et 3.0.0\u003c/li\u003e \u003cli\u003eAppFormix versions ant\u00e9rieures \u00e0 3.1.22, 3.2.14 et 3.3.0\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes vuln\u00e9rabilit\u00e9s\u00a0CVE-2021-0248 (score CVSSv3 : 10, \u003ca href=\"https://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11141\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\"\u003ehttps://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11141\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\u003c/a\u003e) et\u00a0CVE-2021-0254 (score CVSSv3 : 9.8, \u003ca href=\"https://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11147\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\"\u003ehttps://kb.juniper.net/InfoCenter/index?page=content\u0026amp;id=JSA11147\u0026amp;cat=SIRT_1\u0026amp;actp=LIST\u003c/a\u003e) sont les plus critiques de ce pr\u00e9sent avis.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0250"
    },
    {
      "name": "CVE-2021-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0238"
    },
    {
      "name": "CVE-2021-0254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0254"
    },
    {
      "name": "CVE-2021-0263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0263"
    },
    {
      "name": "CVE-2021-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0243"
    },
    {
      "name": "CVE-2021-0273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0273"
    },
    {
      "name": "CVE-2021-0262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0262"
    },
    {
      "name": "CVE-2021-0237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0237"
    },
    {
      "name": "CVE-2021-0264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0264"
    },
    {
      "name": "CVE-2021-0248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0248"
    },
    {
      "name": "CVE-2021-0272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0272"
    },
    {
      "name": "CVE-2021-0233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0233"
    },
    {
      "name": "CVE-2021-0269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0269"
    },
    {
      "name": "CVE-2021-0236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0236"
    },
    {
      "name": "CVE-2021-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0251"
    },
    {
      "name": "CVE-2021-0244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0244"
    },
    {
      "name": "CVE-2021-0267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0267"
    },
    {
      "name": "CVE-2021-0253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0253"
    },
    {
      "name": "CVE-2021-0232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0232"
    },
    {
      "name": "CVE-2021-0260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0260"
    },
    {
      "name": "CVE-2021-0271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0271"
    },
    {
      "name": "CVE-2021-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0249"
    },
    {
      "name": "CVE-2021-0234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0234"
    },
    {
      "name": "CVE-2021-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0235"
    },
    {
      "name": "CVE-2021-0239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0239"
    },
    {
      "name": "CVE-2021-0266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0266"
    },
    {
      "name": "CVE-2021-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0259"
    },
    {
      "name": "CVE-2021-0265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0265"
    },
    {
      "name": "CVE-2021-0275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0275"
    },
    {
      "name": "CVE-2021-0268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0268"
    },
    {
      "name": "CVE-2021-0261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0261"
    },
    {
      "name": "CVE-2021-0245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0245"
    },
    {
      "name": "CVE-2021-0252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0252"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-290",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-04-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11160 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11160\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11152 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11152\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11154 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11154\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11162 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11162\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11150 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11150\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11130 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11130\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11163 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11163\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11144 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11144\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11155 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11155\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11133 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11133\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11166 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11166\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11164 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11164\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11157 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11157\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11137 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11137\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11151 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11151\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11145 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11145\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11132 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11132\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11158 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11158\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11128 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11128\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11153 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11153\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11143 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11143\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11129 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11129\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11136 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11136\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11156 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11156\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11159 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11159\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11134 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11134\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11131 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11131\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11141 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11141\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11146 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11146\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11142 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11142\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11127 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11127\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11138 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11138\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11147 du 14 avril 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11147\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GSD-2021-0236

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-0236

Aliases

CVE-2021-0236

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-0236",
    "description": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.",
    "id": "GSD-2021-0236"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-0236"
      ],
      "details": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.",
      "id": "GSD-2021-0236",
      "modified": "2023-12-13T01:23:07.175532Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
        "ID": "CVE-2021-0236",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: A specific BGP VPNv6 flowspec message causes routing protocol daemon (rpd) process to crash with a core."
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "!\u003c",
                          "version_value": "18.4R1"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "18.4",
                          "version_value": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.1",
                          "version_value": "19.1R2-S2, 19.1R3-S4"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.2",
                          "version_value": "19.2R1-S6, 19.2R3-S2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.3",
                          "version_value": "19.3R3-S2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.4",
                          "version_value": "19.4R2-S4, 19.4R3-S1"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.1",
                          "version_value": "20.1R2, 20.1R3, 20.1R3-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.2",
                          "version_value": "20.2R2, 20.2R3, 20.2R3-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.3",
                          "version_value": "20.3R1-S1, 20.3R2, 20.3R2-EVO"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Junos OS Evolved",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "!\u003c",
                          "version_value": "18.4R1-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.3-EVO",
                          "version_value": "20.3R2-EVO"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "The examples of the config stanza affected by this issue:\n  [ protocols bgp group \u003cgroup-name\u003e family inet6-vpn flow ]"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service (DoS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA11131",
            "refsource": "MISC",
            "url": "https://kb.juniper.net/JSA11131"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S2, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1 and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11131",
        "defect": [
          "1537085"
        ],
        "discovery": "INTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Do not configure \"family inet6-vpn flow\" under BGP if no inet6-vpn routes are required to be received.\n\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2021-0236"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-754"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11131",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA11131"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-04-27T15:01Z",
      "publishedDate": "2021-04-22T20:15Z"
    }
  }
}

CNVD-2021-29855

Vulnerability from cnvd - Published: 2021-04-22

Title

Juniper Networks Junos OS代码问题漏洞（CNVD-2021-29855）

Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Junos OS存在代码问题漏洞，目前尚无此漏洞的相关信息。

Severity

中

Patch Name

Juniper Networks Junos OS代码问题漏洞（CNVD-2021-29855）的补丁

Patch Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Junos OS存在代码问题漏洞，目前尚无此漏洞的相关信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11131&cat=SIRT_1&actp=LIST

Reference

https://vigilance.fr/vulnerability/Junos-OS-multiple-vulnerabilities-35081 https://www.cybersecurity-help.cz/vdb/SB2021041603

Impacted products

Name
Juniper Networks Junos OS

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-0236"
    }
  },
  "description": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002 \n\nJunos OS\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u76ee\u524d\u5c1a\u65e0\u6b64\u6f0f\u6d1e\u7684\u76f8\u5173\u4fe1\u606f\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11131\u0026cat=SIRT_1\u0026actp=LIST",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-29855",
  "openTime": "2021-04-22",
  "patchDescription": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002 \r\n\r\nJunos OS\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u76ee\u524d\u5c1a\u65e0\u6b64\u6f0f\u6d1e\u7684\u76f8\u5173\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks Junos OS\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2021-29855\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Juniper Networks Junos OS"
  },
  "referenceLink": "https://vigilance.fr/vulnerability/Junos-OS-multiple-vulnerabilities-35081\r\nhttps://www.cybersecurity-help.cz/vdb/SB2021041603",
  "serverity": "\u4e2d",
  "submitTime": "2021-04-19",
  "title": "Juniper Networks Junos OS\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2021-29855\uff09"
}

VAR-202104-0577

Vulnerability from variot - Updated: 2023-12-18 11:06

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0577",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "18.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.2"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.2"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.3"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.1"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.1"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.2"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      }
    ]
  },
  "cve": "CVE-2021-0236",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "VHN-372138",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2021-0236",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "sirt@juniper.net",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-0236",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "sirt@juniper.net",
            "id": "CVE-2021-0236",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-1057",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-372138",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-0236",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. The operating system provides a secure programming interface and Junos SDK. There is a code problem vulnerability in Junos OS. There is no information about this vulnerability at present. Please pay attention to CNNVD or manufacturer announcements at any time",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236"
      }
    ],
    "trust": 1.62
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-0236",
        "trust": 1.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA11131",
        "trust": 1.8
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041603",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-372138",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "id": "VAR-202104-0577",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:06:20.733000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Juniper Networks Junos OS Fixes for code issue vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147582"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-754",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://kb.juniper.net/jsa11131"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-35081"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041603"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-0236"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/754.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "date": "2021-04-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "date": "2021-04-22T20:15:08.843000",
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-372138"
      },
      {
        "date": "2021-04-27T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-0236"
      },
      {
        "date": "2021-04-27T15:01:11.133000",
        "db": "NVD",
        "id": "CVE-2021-0236"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-1057"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pillow Buffer error vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2021-0236

Vulnerability from fkie_nvd - Published: 2021-04-22 20:15 - Updated: 2024-11-21 05:42

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://kb.juniper.net/JSA11131	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA11131	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.3
juniper	junos_os_evolved	19.1
juniper	junos_os_evolved	19.1
juniper	junos_os_evolved	19.2
juniper	junos_os_evolved	19.2
juniper	junos_os_evolved	19.3
juniper	junos_os_evolved	19.3
juniper	junos_os_evolved	20.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
              "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "34E28FD9-1089-42F7-8586-876DBEC965DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
              "matchCriteriaId": "B7E72C49-1849-4A6F-81BC-D03F06D47D6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "736B7A9F-E237-45AF-A6D6-84412475F481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "28F7740D-C636-4FA3-8479-E5E039041DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "81F6DEA3-F07E-4FD0-87CB-4E8C0B768706",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*",
              "matchCriteriaId": "2C1601BB-CAB7-4C92-8416-1824BB85D820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DCAB79C9-6639-4ED0-BEC9-E7C8229DF977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "C8CF858F-84BB-4AEA-B829-FCF22C326160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "5405F361-AB96-4477-AA0D-49B874324B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "E45E5421-2F6F-4AF9-8EB1-431A804FC649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "93098975-4A06-4A72-8DF0-F2C5E1AF2F77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "E1F3AEE4-CEB8-4CAA-A48A-1B4647FFFCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7C71D2FA-B1A4-4004-807F-7B3BB347DF4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9E78E854-DDD3-4D1A-97AB-AEA70B9B811F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "512FB3D1-BA5B-4F73-BDB2-49D6889F5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "7659AC36-A5EA-468A-9793-C1EC914D36F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "E0E018E1-568E-40F2-ADA5-F71509811879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "B9295AF3-A883-47C3-BAF8-3D82F719733E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2C3245C5-9EE1-490C-B7C7-5C02F155DDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "01A9BD92-5865-455D-9585-098DCFCC24DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "914D6984-1820-483B-AEB9-2C5257B5E900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14C57D33-01BB-4190-B787-F5BDACE82AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "6480A5C9-3280-40C5-BC08-509555F28363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2D3C2D74-AF22-4BED-A0C5-089B5507D275",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO."
    },
    {
      "lang": "es",
      "value": "Debido a una comprobaci\u00f3n inapropiada de condiciones inusuales o excepcionales en Juniper Networks Junos OS y  Junos OS Evolved, el Routing Protocol Daemon (RPD), al recibir un paquete BGP espec\u00edfico que coincide con un t\u00e9rmino espec\u00edfico en la configuraci\u00f3n de flowpec, se bloquea y se reinicia causando una Denegaci\u00f3n de Servicio (DoS).\u0026#xa0;La recepci\u00f3n y el procesamiento continuo de este paquete crear\u00e1n una condici\u00f3n sostenida de Denegaci\u00f3n de Servicio (DoS).\u0026#xa0;Este problema afecta solo a las implementaciones Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec.\u0026#xa0;Este problema afecta a: Juniper Networks Junos OS: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;\u0026#xa0;versiones 19.1 anteriores a 19.1R2-S2, 19.1R3-S4;\u0026#xa0;versiones 19.2  anteriores a 19.2R1-S6, 19.2R3-S2;\u0026#xa0;versiones 19.3 anteriores a 19.3R3-S2;\u0026#xa0;versiones 19.4 anteriores a 19.4R2-S4, 19.4R3-S1;\u0026#xa0;versiones 20.1 anteriores a 20.1R2, 20.1R3;\u0026#xa0;versiones 20.2 anteriores a 20.2R2, 20.2R3;\u0026#xa0;versiones 20.\u0026#xa0;3 anteriores a 20.3R1-S1, 20.3R2.\u0026#xa0;Juniper Networks Junos OS Evolved: todas las versiones posteriores a 18.4R1-EVO anteriores a 20.3R2-EVO.\u0026#xa0;Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 18.4R1.\u0026#xa0;Juniper Networks Junos OS Evolved versiones anteriores a 18.4R1-EVO"
    }
  ],
  "id": "CVE-2021-0236",
  "lastModified": "2024-11-21T05:42:16.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-04-22T20:15:08.843",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11131"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-W64J-JXCJ-2F8P

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-0236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-22T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only Multiprotocol BGP (MP-BGP) VPNv6 FlowSpec deployments. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS Evolved: All versions after 18.4R1-EVO prior to 20.3R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved versions prior to 18.4R1-EVO.",
  "id": "GHSA-w64j-jxcj-2f8p",
  "modified": "2022-05-24T17:48:11Z",
  "published": "2022-05-24T17:48:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0236"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11131"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-0236 (GCVE-0-2021-0236)

CERTFR-2021-AVI-290

Solution

CERTFR-2021-AVI-290

Solution

GSD-2021-0236

CNVD-2021-29855

VAR-202104-0577

FKIE_CVE-2021-0236

GHSA-W64J-JXCJ-2F8P

Tags

Sightings

Nomenclature