Vulnerabilities > CVE-2021-0281 - Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

juniper

CWE-754

NVD

Published: 2021-07-15

Updated: 2021-07-28

Summary

On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO.

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos 17.3 Juniper Junos 17.4 Juniper Junos 18.1 Juniper Junos 18.2 Juniper Junos 18.3 Juniper Junos 18.4 Juniper Junos 19.1 Juniper Junos 19.2 Juniper Junos 19.3 Juniper Junos 19.4 Juniper Junos 20.1 Juniper Junos 20.2 Juniper Junos 20.3 Juniper Junos 20.4	203

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

https://kb.juniper.net/JSA11185