CVE-2021-31383

EPSS 0.46%
Veröffentlicht 19.10.2021 19:15:11
Zuletzt bearbeitet 21.11.2024 06:05:34
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core.

In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

NVD 69 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version19.2 Update-

Juniper ≫ Junos Version19.2 Updater1

Juniper ≫ Junos Version19.2 Updater1-s1

Juniper ≫ Junos Version19.2 Updater1-s2

Juniper ≫ Junos Version19.2 Updater1-s3

Juniper ≫ Junos Version19.2 Updater1-s4

Juniper ≫ Junos Version19.2 Updater1-s5

Juniper ≫ Junos Version19.2 Updater1-s6

Juniper ≫ Junos Version19.2 Updater2

Juniper ≫ Junos Version19.2 Updater2-s1

Juniper ≫ Junos Version19.2 Updater3

Juniper ≫ Junos Version19.2 Updater3-s1

Juniper ≫ Junos Version19.3 Update-

Juniper ≫ Junos Version19.3 Updater1

Juniper ≫ Junos Version19.3 Updater1-s1

Juniper ≫ Junos Version19.3 Updater2

Juniper ≫ Junos Version19.3 Updater2-s1

Juniper ≫ Junos Version19.3 Updater2-s2

Juniper ≫ Junos Version19.3 Updater2-s3

Juniper ≫ Junos Version19.3 Updater2-s4

Juniper ≫ Junos Version19.3 Updater2-s5

Juniper ≫ Junos Version19.3 Updater3

Juniper ≫ Junos Version19.3 Updater3-s1

Juniper ≫ Junos Version19.4 Updater1

Juniper ≫ Junos Version19.4 Updater1-s1

Juniper ≫ Junos Version19.4 Updater1-s2

Juniper ≫ Junos Version19.4 Updater1-s3

Juniper ≫ Junos Version19.4 Updater2

Juniper ≫ Junos Version19.4 Updater2-s1

Juniper ≫ Junos Version19.4 Updater2-s2

Juniper ≫ Junos Version19.4 Updater2-s3

Juniper ≫ Junos Version19.4 Updater3

Juniper ≫ Junos Version19.4 Updater3-s1

Juniper ≫ Junos Version19.4 Updater3-s2

Juniper ≫ Junos Version20.1 Updater1

Juniper ≫ Junos Version20.1 Updater1-s1

Juniper ≫ Junos Version20.1 Updater1-s2

Juniper ≫ Junos Version20.1 Updater1-s3

Juniper ≫ Junos Version20.1 Updater1-s4

Juniper ≫ Junos Version20.1 Updater2

Juniper ≫ Junos Version20.1 Updater2-s1

Juniper ≫ Junos Version20.2 Updater1

Juniper ≫ Junos Version20.2 Updater1-s1

Juniper ≫ Junos Version20.2 Updater1-s2

Juniper ≫ Junos Version20.2 Updater1-s3

Juniper ≫ Junos Version20.2 Updater2

Juniper ≫ Junos Version20.2 Updater2-s1

Juniper ≫ Junos Version20.2 Updater2-s2

Juniper ≫ Junos Version20.3 Updater1

Juniper ≫ Junos Version20.3 Updater1-s1

Juniper ≫ Junos Os Evolved Version20.1 Update-

Juniper ≫ Junos Os Evolved Version20.1 Updater1

Juniper ≫ Junos Os Evolved Version20.1 Updater1-s1

Juniper ≫ Junos Os Evolved Version20.1 Updater2

Juniper ≫ Junos Os Evolved Version20.1 Updater2-s1

Juniper ≫ Junos Os Evolved Version20.1 Updater2-s2

Juniper ≫ Junos Os Evolved Version20.1 Updater2-s3

Juniper ≫ Junos Os Evolved Version20.1 Updater2-s4

Juniper ≫ Junos Os Evolved Version20.1 Updater2-s5

Juniper ≫ Junos Os Evolved Version20.2 Update-

Juniper ≫ Junos Os Evolved Version20.2 Updater1

Juniper ≫ Junos Os Evolved Version20.2 Updater1-s1

Juniper ≫ Junos Os Evolved Version20.2 Updater2

Juniper ≫ Junos Os Evolved Version20.2 Updater2-s1

Juniper ≫ Junos Os Evolved Version20.3 Update-

Juniper ≫ Junos Os Evolved Version20.3 Updater1

Juniper ≫ Junos Os Evolved Version20.3 Updater1-s1

Juniper ≫ Junos Os Evolved Version20.3 Updater1-s2

Juniper ≫ Junos Os Evolved Version20.3 Updater1-s3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.46%	0.614

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P
sirt@juniper.net	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://kb.juniper.net/JSA11251

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-31383

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-31383

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-31383

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-31383