Details of VAR-202101-1690

ID

VAR-202101-1690

CVE

CVE-2021-0215

TITLE

plural Juniper Networks Runs on the device Junos OS Vulnerabilities in lack of freeing resources after a valid lifetime

Trust: 0.8

sources: JVNDB: JVNDB-2021-002461

DESCRIPTION

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An administrator can use the following CLI command to monitor the status of memory consumption: user@device> show task memory detail Please refer to https://kb.juniper.net/KB31522 for details. This issue affects Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D54; 15.1X49 versions prior to 15.1X49-D240 ; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3-S2; 19.1 versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2. This issue does not affect Juniper Networks Junos OS 12.3, 15.1. plural Juniper Networks Runs on the device Junos OS Is vulnerable to a lack of resource release after a valid lifetime.Denial of service (DoS) It may be put into a state. The operating system provides a secure programming interface and Junos SDK. The following products and models are affected: Junos OS EX, Junos OS QFX, Junos OS SRX

Trust: 1.71

sources: NVD: CVE-2021-0215 // JVNDB: JVNDB-2021-002461 // VULHUB: VHN-372117

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	15.1x53	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	14.1x53	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	15.1x49	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	ジュニパーネットワークス	model:	junos os	scope:	eq	version:	-	Trust: 0.8
vendor:	ジュニパーネットワークス	model:	junos os	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-002461 // NVD: CVE-2021-0215

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-0215
value:	LOW
Trust: 1.0
sirt@juniper.net:	CVE-2021-0215
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-0215
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202101-1116
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-372117
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2021-0215
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-372117
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sirt@juniper.net:	CVE-2021-0215
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2021-002461
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-372117 // JVNDB: JVNDB-2021-002461 // CNNVD: CNNVD-202101-1116 // NVD: CVE-2021-0215 // NVD: CVE-2021-0215

PROBLEMTYPE DATA

problemtype:	CWE-401	Trust: 1.1
problemtype:	CWE-400	Trust: 1.0
problemtype:	Lack of resource release after valid lifetime (CWE-772) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-372117 // JVNDB: JVNDB-2021-002461 // NVD: CVE-2021-0215

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202101-1116

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202101-1116

PATCH

title:	JSA11105	url:	https://kb.juniper.net/JSA11105	Trust: 0.8
title:	Multiple Juniper Networks Product resource management error vulnerability fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139561	Trust: 0.6

sources: JVNDB: JVNDB-2021-002461 // CNNVD: CNNVD-202101-1116

EXTERNAL IDS

db:	NVD	id:	CVE-2021-0215	Trust: 2.5
db:	JUNIPER	id:	JSA11105	Trust: 1.7
db:	JVNDB	id:	JVNDB-2021-002461	Trust: 0.8
db:	CNNVD	id:	CNNVD-202101-1116	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.0762	Trust: 0.6
db:	VULHUB	id:	VHN-372117	Trust: 0.1

sources: VULHUB: VHN-372117 // JVNDB: JVNDB-2021-002461 // CNNVD: CNNVD-202101-1116 // NVD: CVE-2021-0215

REFERENCES

url:	https://kb.juniper.net/jsa11105	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0215	Trust: 1.4
url:	https://vigilance.fr/vulnerability/junos-os-ex-qfx-srx-memory-leak-via-802-1x-authenticator-port-interface-flaps-34332	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0762	Trust: 0.6

sources: VULHUB: VHN-372117 // JVNDB: JVNDB-2021-002461 // CNNVD: CNNVD-202101-1116 // NVD: CVE-2021-0215

SOURCES

db:	VULHUB	id:	VHN-372117
db:	JVNDB	id:	JVNDB-2021-002461
db:	CNNVD	id:	CNNVD-202101-1116
db:	NVD	id:	CVE-2021-0215

LAST UPDATE DATE

2024-08-14T15:33:16.805000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-372117	date:	2022-08-05T00:00:00
db:	JVNDB	id:	JVNDB-2021-002461	date:	2021-09-16T09:11:00
db:	CNNVD	id:	CNNVD-202101-1116	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2021-0215	date:	2022-08-05T18:29:57.380

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-372117	date:	2021-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-002461	date:	2021-09-16T00:00:00
db:	CNNVD	id:	CNNVD-202101-1116	date:	2021-01-13T00:00:00
db:	NVD	id:	CVE-2021-0215	date:	2021-01-15T18:15:15.340