CVE-2021-0299

Опубликовано: 19 окт. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 7.1

EPSS Низкий

Описание

An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.

Ссылки

https://kb.juniper.net/JSA11213
Vendor Advisory
https://kb.juniper.net/JSA11213
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00367

Низкий

7.5 High

CVSS3

7.1 High

CVSS2

Дефекты

CWE-755

Связанные уязвимости

GHSA-cfcv-4r42-7465

github

больше 3 лет назад

BDU:2021-06104