cve-2021-31353
Vulnerability from cvelistv5
Published
2021-10-19 18:16
Modified
2024-09-16 17:37
Severity ?
EPSS score ?
Summary
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11218 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA11218 | Exploit, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Patch: unspecified Version: 19.3R3-S2 Version: 19.4R3-S3 Patch: 20.1R1 Patch: 20.2 Patch: 20.3 Patch: 20.4 Version: 21.1 < 21.1R2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.3R3-S2",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "affected",
"version": "19.3R3-S2"
},
{
"status": "affected",
"version": "19.4R3-S3"
},
{
"lessThan": "20.1*",
"status": "unaffected",
"version": "20.1R1",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.2R3-S2",
"status": "unaffected"
}
],
"lessThan": "20.2R2-S3",
"status": "unaffected",
"version": "20.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.3R3",
"status": "unaffected"
}
],
"lessThan": "20.3R2",
"status": "unaffected",
"version": "20.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.4R3",
"status": "unaffected"
}
],
"lessThan": "20.4R2",
"status": "unaffected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R2-S3-EVO, 20.4R3-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "21.1R2-EVO",
"status": "affected",
"version": "21.1-EVO",
"versionType": "custom"
},
{
"lessThan": "21.2R2-EVO",
"status": "affected",
"version": "21.2-EVO",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue can occur when multipath is enabled:\n\n routing-instance \u003cvrf\u003e routing-options multipath\n\nand one of the following two TTL propagation options (but not both) are enabled:\n\n protocols mpls no-propagate-ttl\n routing-instance \u003cvrf\u003e no-vrf-propagate-ttl"
}
],
"datePublic": "2021-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T18:16:34",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11218"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R2-S9, 19.1R3-S7, 19.3R3-S3, 19.4R1-S4, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 21.2R2, 21.3R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-S3-EVO, 20.4R3-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11218",
"defect": [
"1595165"
],
"discovery": "USER"
},
"title": "Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update",
"workarounds": [
{
"lang": "en",
"value": "This issue can be mitigated in two ways:\n\n1) ensure that TTL propagation is either enabled or disabled in both places below:\n protocols mpls no-propagate-ttl\n routing-instance \u003cvrf\u003e no-vrf-propagate-ttl\n\n2) Disable multipath:\n routing-instance \u003cvrf\u003e routing-options multipath"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31353",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!\u003c",
"version_value": "19.3R3-S2"
},
{
"version_affected": "=",
"version_value": "19.3R3-S2"
},
{
"version_affected": "=",
"version_value": "19.4R3-S3"
},
{
"version_affected": "!\u003e=",
"version_name": "20.1",
"version_value": "20.1R1"
},
{
"version_affected": "!\u003c",
"version_name": "20.2",
"version_value": "20.2R2-S3"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "!\u003c",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "!\u003c",
"version_name": "20.4",
"version_value": "20.4R2"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20.4R2-S3-EVO, 20.4R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.1-EVO",
"version_value": "21.1R2-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2-EVO",
"version_value": "21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue can occur when multipath is enabled:\n\n routing-instance \u003cvrf\u003e routing-options multipath\n\nand one of the following two TTL propagation options (but not both) are enabled:\n\n protocols mpls no-propagate-ttl\n routing-instance \u003cvrf\u003e no-vrf-propagate-ttl"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11218",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11218"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R2-S9, 19.1R3-S7, 19.3R3-S3, 19.4R1-S4, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 21.2R2, 21.3R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-S3-EVO, 20.4R3-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11218",
"defect": [
"1595165"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "This issue can be mitigated in two ways:\n\n1) ensure that TTL propagation is either enabled or disabled in both places below:\n protocols mpls no-propagate-ttl\n routing-instance \u003cvrf\u003e no-vrf-propagate-ttl\n\n2) Disable multipath:\n routing-instance \u003cvrf\u003e routing-options multipath"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-31353",
"datePublished": "2021-10-19T18:16:34.884433Z",
"dateReserved": "2021-04-15T00:00:00",
"dateUpdated": "2024-09-16T17:37:46.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3FEA876-302D-4F07-94E6-237C669538F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0886EFA6-47E3-4C1D-A278-D3891A487FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A58292B-814C-49E7-8D6D-BE26EFB9ADDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"681AE183-7183-46E7-82EA-28C398FA1C3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3DC01F2-6DFE-4A8E-9962-5E59AA965935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C54B047C-4B38-40C0-9855-067DCF7E48BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38984199-E332-4A9C-A4C0-78083D052E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"625BA7E6-D2AD-4A48-9B94-24328BE5B06A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F462F4E3-762C-429F-8D25-5521100DD37C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"20.3\", \"matchCriteriaId\": \"4C8EA231-338B-46A2-BE77-3A7AB54BD148\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9C8866D-162F-4C9B-8167-2FBA25410368\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F85E5BC7-8607-4330-AA72-2273D32F8604\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"878C81C9-A418-4A21-8FDB-2116A992679C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7451A671-A3CC-4904-8D45-947B1D3783C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0108AD20-EAE6-41D1-AE48-254C46B5388A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"44FBCA6F-EB05-4EE4-85FD-944BDAF7D81B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE674DD3-3590-4434-B144-5AD7EB5F039D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0099BDA9-9D4B-4D6C-8234-EFD9E8C63476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E1E57AF-979B-4022-8AD6-B3558E06B718\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de administraci\\u00f3n inapropiada de condiciones excepcionales en Juniper Networks Junos OS y Junos OS Evolved permite a un atacante inyectar una actualizaci\\u00f3n BGP espec\\u00edfica, causando el bloqueo y el reinicio del demonio del protocolo de enrutamiento (RPD), conllevando a una Denegaci\\u00f3n de Servicio (DoS). Si se sigue recibiendo y procesando la actualizaci\\u00f3n BGP, ser\\u00e1 creada una condici\\u00f3n de Denegaci\\u00f3n de Servicio (DoS) sostenida. Este problema afecta a versiones muy espec\\u00edficas de Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versiones 20.2R2-S3 y posteriores, anteriores a 20.2R3-S2; 20.3 versiones 20.3R2 y posteriores, anteriores a 20.3R3; 20.4 versiones 20.4R2 y posteriores, anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2. Juniper Networks Junos OS 20.1 no est\\u00e1 afectado por este problema. Este problema tambi\\u00e9n afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versiones anteriores a 21.1R2-EVO; 21.2-EVO versiones anteriores a 21.2R2-EVO\"}]",
"id": "CVE-2021-31353",
"lastModified": "2024-11-21T06:05:29.003",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-10-19T19:15:08.720",
"references": "[{\"url\": \"https://kb.juniper.net/JSA11218\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Exploit\", \"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11218\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mitigation\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-31353\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2021-10-19T19:15:08.720\",\"lastModified\":\"2024-11-21T06:05:29.003\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de administraci\u00f3n inapropiada de condiciones excepcionales en Juniper Networks Junos OS y Junos OS Evolved permite a un atacante inyectar una actualizaci\u00f3n BGP espec\u00edfica, causando el bloqueo y el reinicio del demonio del protocolo de enrutamiento (RPD), conllevando a una Denegaci\u00f3n de Servicio (DoS). Si se sigue recibiendo y procesando la actualizaci\u00f3n BGP, ser\u00e1 creada una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a versiones muy espec\u00edficas de Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versiones 20.2R2-S3 y posteriores, anteriores a 20.2R3-S2; 20.3 versiones 20.3R2 y posteriores, anteriores a 20.3R3; 20.4 versiones 20.4R2 y posteriores, anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2. Juniper Networks Junos OS 20.1 no est\u00e1 afectado por este problema. Este problema tambi\u00e9n afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versiones anteriores a 21.1R2-EVO; 21.2-EVO versiones anteriores a 21.2R2-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3FEA876-302D-4F07-94E6-237C669538F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0886EFA6-47E3-4C1D-A278-D3891A487FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A58292B-814C-49E7-8D6D-BE26EFB9ADDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"681AE183-7183-46E7-82EA-28C398FA1C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3DC01F2-6DFE-4A8E-9962-5E59AA965935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C54B047C-4B38-40C0-9855-067DCF7E48BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38984199-E332-4A9C-A4C0-78083D052E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"625BA7E6-D2AD-4A48-9B94-24328BE5B06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F462F4E3-762C-429F-8D25-5521100DD37C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20.3\",\"matchCriteriaId\":\"4C8EA231-338B-46A2-BE77-3A7AB54BD148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C8866D-162F-4C9B-8167-2FBA25410368\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F85E5BC7-8607-4330-AA72-2273D32F8604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"878C81C9-A418-4A21-8FDB-2116A992679C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7451A671-A3CC-4904-8D45-947B1D3783C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0108AD20-EAE6-41D1-AE48-254C46B5388A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"44FBCA6F-EB05-4EE4-85FD-944BDAF7D81B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE674DD3-3590-4434-B144-5AD7EB5F039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0099BDA9-9D4B-4D6C-8234-EFD9E8C63476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E57AF-979B-4022-8AD6-B3558E06B718\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11218\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.