CVE-2021-31383 (GCVE-0-2021-31383)
Vulnerability from cvelistv5 – Published: 2021-10-19 18:17 – Updated: 2024-09-16 20:21
VLAI
Title
Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core.
Summary
In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.
Severity
7.5 (High)
CWE
- improper usage of a source to destination copy write operation
- Denial of Service (DoS)
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA11251 | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Unaffected:
unspecified , < 19.2R1
(custom)
Affected: 19.2 , < 19.2R3-S2 (custom) Affected: 19.3 , < 19.3R2-S6, 19.3R3-S2 (custom) Affected: 19.4 , < 19.4R1-S4, 19.4R2-S4, 19.4R3-S3 (custom) Affected: 20.1 , < 20.1R2-S2, 20.1R3 (custom) Affected: 20.2 , < 20.2R2-S3, 20.2R3 (custom) Affected: 20.3 , < 20.3R2 (custom) |
|
| Juniper Networks | Junos OS Evolved |
Affected:
20.1 , < 20.1R3-EVO
(custom)
Affected: 20.2 , < 20.2R3-EVO (custom) Affected: 20.3 , < 20.3R2-EVO (custom) |
Date Public
2021-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.2R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "19.2R3-S2",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S2",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2-S2, 20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R2-S3, 20.2R3",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R2",
"status": "affected",
"version": "20.3",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.1R3-EVO",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-EVO",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R2-EVO",
"status": "affected",
"version": "20.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following configuration is required for Junos OS:\n [protocols ldp p2mp]\n [protocols ldp interface \"interface\"]\n [protocols ldp traffic-statistics {sensor-based-stats;}]\n\nThe following configuration is required for Junos OS Evolved: \n [configuration protocols ldp p2mp]\n [configuration protocols ldp interface \"interface\"]"
}
],
"datePublic": "2021-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper usage of a source to destination copy write operation",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T18:17:26.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11251"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11251",
"defect": [
"1558672"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core.",
"workarounds": [
{
"lang": "en",
"value": "For Junos OS you can remove the traffic-statistics from the configuration to work around this issue.\n\n [protoccols ldp traffic-statistics {sensor-based-stats;}]\n\nFor Junos OS Evolved there are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31383",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R2-S3, 20.2R3"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"version_affected": "!\u003c",
"version_value": "19.2R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following configuration is required for Junos OS:\n [protocols ldp p2mp]\n [protocols ldp interface \"interface\"]\n [protocols ldp traffic-statistics {sensor-based-stats;}]\n\nThe following configuration is required for Junos OS Evolved: \n [configuration protocols ldp p2mp]\n [configuration protocols ldp interface \"interface\"]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "improper usage of a source to destination copy write operation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11251",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11251"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11251",
"defect": [
"1558672"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "For Junos OS you can remove the traffic-statistics from the configuration to work around this issue.\n\n [protoccols ldp traffic-statistics {sensor-based-stats;}]\n\nFor Junos OS Evolved there are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-31383",
"datePublished": "2021-10-19T18:17:26.471Z",
"dateReserved": "2021-04-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:21:34.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-31383",
"date": "2026-06-01",
"epss": "0.00463",
"percentile": "0.64589"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA3060F-1800-4A06-A453-FB8CE4B65312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"16FDE60B-7A99-4683-BC14-530B5B005F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADCE4EA8-DDBA-4766-BB81-E4DA29723723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E78E854-DDD3-4D1A-97AB-AEA70B9B811F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"59006503-B2CA-4F79-AC13-7C5615A74CE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3935A586-41BD-4FA5-9596-DED6F0864777\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B83FB539-BD7C-4BEE-9022-098F73902F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7659AC36-A5EA-468A-9793-C1EC914D36F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E018E1-568E-40F2-ADA5-F71509811879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9295AF3-A883-47C3-BAF8-3D82F719733E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F09D3262-394A-43D1-A4ED-8887FCB20F87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC743EE4-8833-452A-94DB-655BF139F883\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE96A8EA-FFE3-4D8F-9266-21899149D634\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C12A75C6-2D00-4202-B861-00FF71585FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"70FF3DD4-14CB-435D-8529-0480EB853F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCFA774-96EF-4018-82CF-95C807025C24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"76022948-4B07-43CB-824C-44E1AB3537CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"758275F3-9457-45A2-8F57-65DCD659FC1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B46CB928-78B5-4D60-B747-9A0988C7060D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8328FDE6-9707-4142-B905-3B07C0E28E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41CD982F-E6F2-4951-9F96-A76C142DF08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC8E7547-6649-436D-BC45-184417680C72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3332262F-81DA-4D78-99C9-514CADA46611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B46B63A2-1518-4A29-940C-F05624C9658D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E0D4959-3865-42A7-98CD-1103EBD84528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C9BC697-C7C9-447D-9EBD-E9711462583E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B80433B-57B1-49EF-B1A1-83781D6102E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"AED25FB6-E3FA-4543-90B2-50068D683D50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEBE159F-5D94-4C18-B922-331586BEA2CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38EBFC9-ECBD-4362-82B2-04C02009E85C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DF7C3A8-1279-4F38-9548-85AC7D6290FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"50D38F97-81B0-4952-A1E3-0A9AA4D34820\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB827018-2009-483D-8D53-5BFCE8409BF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"945442C1-C9B2-48BE-A1A6-6A8A1D0ADA88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"F81E7058-986E-4DE3-959F-5E4C62A30941\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"487A82C9-7B7E-4ACA-BABF-65B8504079AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCA8D4D2-D49D-4F91-95E2-2A0E8599338A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF37C911-1904-475A-86F7-F92F34A1A88F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDFFE53D-202D-4396-A470-0A09F3320375\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F60702A-BB4E-4F2A-93ED-1192EF3AB4A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"37625D47-53C3-43D5-A361-A833EE06C6D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AFB91E3-CAAC-429F-A869-DDD40FB0F84D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A9CA997-2DDA-4808-B2AE-8804FEB798B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AAE7C3A-5291-42B9-A665-0095E8559737\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FD9BB14-0375-4893-8CBE-42FF5DECE3E4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.\"}, {\"lang\": \"es\", \"value\": \"En escenarios Punto a Multipunto (P2MP) dentro de sesiones establecidas entre vecinos de red o adyacentes, el uso inadecuado de una operaci\\u00f3n de escritura de copia de origen a destino combinada con un desbordamiento del b\\u00fafer basado en la pila en determinados paquetes espec\\u00edficos procesados por el demonio del protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved enviados por un atacante de red remoto no autenticado causa el bloqueo del RPD causando una Denegaci\\u00f3n de Servicio (DoS). Si se siguen recibiendo y procesando estos paquetes, se crear\\u00e1 una condici\\u00f3n de Denegaci\\u00f3n de Servicio (DoS) sostenida. Este problema afecta a: Juniper Networks Junos OS versiones 19.2 anteriores a 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; versiones 19.4 anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 19.2R1. Versiones de Juniper Networks Junos OS Evolved 20.1 anteriores a 20.1R3-EVO; versiones 20.2 anteriores a 20.2R3-EVO; versiones 20.3 anteriores a 20.3R2-EVO\"}]",
"id": "CVE-2021-31383",
"lastModified": "2024-11-21T06:05:34.320",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-10-19T19:15:11.313",
"references": "[{\"url\": \"https://kb.juniper.net/JSA11251\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11251\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-121\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-31383\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2021-10-19T19:15:11.313\",\"lastModified\":\"2024-11-21T06:05:34.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.\"},{\"lang\":\"es\",\"value\":\"En escenarios Punto a Multipunto (P2MP) dentro de sesiones establecidas entre vecinos de red o adyacentes, el uso inadecuado de una operaci\u00f3n de escritura de copia de origen a destino combinada con un desbordamiento del b\u00fafer basado en la pila en determinados paquetes espec\u00edficos procesados por el demonio del protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved enviados por un atacante de red remoto no autenticado causa el bloqueo del RPD causando una Denegaci\u00f3n de Servicio (DoS). Si se siguen recibiendo y procesando estos paquetes, se crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a: Juniper Networks Junos OS versiones 19.2 anteriores a 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; versiones 19.4 anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 19.2R1. Versiones de Juniper Networks Junos OS Evolved 20.1 anteriores a 20.1R3-EVO; versiones 20.2 anteriores a 20.2R3-EVO; versiones 20.3 anteriores a 20.3R2-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA3060F-1800-4A06-A453-FB8CE4B65312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FDE60B-7A99-4683-BC14-530B5B005F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADCE4EA8-DDBA-4766-BB81-E4DA29723723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C71D2FA-B1A4-4004-807F-7B3BB347DF4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E78E854-DDD3-4D1A-97AB-AEA70B9B811F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"512FB3D1-BA5B-4F73-BDB2-49D6889F5473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"59006503-B2CA-4F79-AC13-7C5615A74CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3935A586-41BD-4FA5-9596-DED6F0864777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83FB539-BD7C-4BEE-9022-098F73902F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7659AC36-A5EA-468A-9793-C1EC914D36F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E018E1-568E-40F2-ADA5-F71509811879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9295AF3-A883-47C3-BAF8-3D82F719733E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F09D3262-394A-43D1-A4ED-8887FCB20F87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC743EE4-8833-452A-94DB-655BF139F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE96A8EA-FFE3-4D8F-9266-21899149D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12A75C6-2D00-4202-B861-00FF71585FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"70FF3DD4-14CB-435D-8529-0480EB853F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFA774-96EF-4018-82CF-95C807025C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76022948-4B07-43CB-824C-44E1AB3537CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"758275F3-9457-45A2-8F57-65DCD659FC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B46CB928-78B5-4D60-B747-9A0988C7060D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8328FDE6-9707-4142-B905-3B07C0E28E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD982F-E6F2-4951-9F96-A76C142DF08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8E7547-6649-436D-BC45-184417680C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3332262F-81DA-4D78-99C9-514CADA46611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B46B63A2-1518-4A29-940C-F05624C9658D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E0D4959-3865-42A7-98CD-1103EBD84528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C9BC697-C7C9-447D-9EBD-E9711462583E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B80433B-57B1-49EF-B1A1-83781D6102E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED25FB6-E3FA-4543-90B2-50068D683D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEBE159F-5D94-4C18-B922-331586BEA2CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38EBFC9-ECBD-4362-82B2-04C02009E85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF7C3A8-1279-4F38-9548-85AC7D6290FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D38F97-81B0-4952-A1E3-0A9AA4D34820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB827018-2009-483D-8D53-5BFCE8409BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"945442C1-C9B2-48BE-A1A6-6A8A1D0ADA88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F81E7058-986E-4DE3-959F-5E4C62A30941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"487A82C9-7B7E-4ACA-BABF-65B8504079AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA8D4D2-D49D-4F91-95E2-2A0E8599338A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF37C911-1904-475A-86F7-F92F34A1A88F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDFFE53D-202D-4396-A470-0A09F3320375\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F60702A-BB4E-4F2A-93ED-1192EF3AB4A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37625D47-53C3-43D5-A361-A833EE06C6D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFB91E3-CAAC-429F-A869-DDD40FB0F84D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A9CA997-2DDA-4808-B2AE-8804FEB798B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAE7C3A-5291-42B9-A665-0095E8559737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FD9BB14-0375-4893-8CBE-42FF5DECE3E4\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11251\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11251\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…