Описание
An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe (packet forwarding engine) of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service (DoS).
In a DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) scenario, when crafted IPv6 traffic is received and prefix-length is set to 56, the ports assigned to the user will not be freed. Eventually, users cannot establish new connections. Affected FPC/PIC need to be manually restarted to recover. Following is the command to identify the issue:
user@host> show services nat source port-block Host_IP External_IP Port_Block Ports_Used/ Block_State/ Range Ports_Total Left_Time(s) 2001:: �
EPSS
7.5 High
CVSS3
Дефекты
Связанные уязвимости
An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe (packet forwarding engine) of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading to Denial of Service (DoS). In a DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) scenario, when crafted IPv6 traffic is received and prefix-length is set to 56, the ports assigned to the user will not be freed. Eventually, users cannot establish new connections. Affected FPC/PIC need to be manually restarted to recover. Following is the command to identify the issue: user@host> show services nat source port-block Host_IP External_IP Port_Block Ports_Used/ Block_State/ Range Ports_Total Left_Time(s) 2001:: �...
Уязвимость технологии DS-Lite (Dual-Stack Lite) и NAT (Network Address Translation) операционной системы Junos OS маршрутизаторов серии MX, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3