Details of VAR-202104-0543

ID

VAR-202104-0543

CVE

CVE-2021-0254

TITLE

Juniper Networks Junos OS Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-1027

DESCRIPTION

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). Continued receipt and processing of these packets will sustain the partial DoS. The overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default and listens for UDP connections on port 4789. This issue results from improper buffer size validation, which can lead to a buffer overflow. Unauthenticated attackers can send specially crafted packets to trigger this vulnerability, resulting in possible remote code execution. overlayd runs by default in MX Series, ACX Series, and QFX Series platforms. The SRX Series does not support VXLAN and is therefore not vulnerable to this issue. Other platforms are also vulnerable if a Virtual Extensible LAN (VXLAN) overlay network is configured. This issue affects Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1. Juniper Networks Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware equipment. The operating system provides a secure programming interface and Junos SDK. There is a security vulnerability in Junos OS, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Trust: 1.08

sources: NVD: CVE-2021-0254 // VULHUB: VHN-372156 // VULMON: CVE-2021-0254

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	19.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	20.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	20.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	20.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	15.1	Trust: 1.0

sources: NVD: CVE-2021-0254

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-0254
value:	HIGH
Trust: 1.0
sirt@juniper.net:	CVE-2021-0254
value:	CRITICAL
Trust: 1.0
CNNVD:	CNNVD-202104-1027
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-372156
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-0254
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-0254
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-372156
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sirt@juniper.net:	CVE-2021-0254
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-372156 // VULMON: CVE-2021-0254 // CNNVD: CNNVD-202104-1027 // NVD: CVE-2021-0254 // NVD: CVE-2021-0254

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	CWE-131	Trust: 1.0

sources: VULHUB: VHN-372156 // NVD: CVE-2021-0254

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-1027

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202104-1027

PATCH

title:

Juniper Networks Junos OS Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148046

Trust: 0.6

sources: CNNVD: CNNVD-202104-1027

EXTERNAL IDS

db:	NVD	id:	CVE-2021-0254	Trust: 1.8
db:	JUNIPER	id:	JSA11147	Trust: 1.8
db:	AUSCERT	id:	ESB-2021.1328	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-1027	Trust: 0.6
db:	VULHUB	id:	VHN-372156	Trust: 0.1
db:	VULMON	id:	CVE-2021-0254	Trust: 0.1

sources: VULHUB: VHN-372156 // VULMON: CVE-2021-0254 // CNNVD: CNNVD-202104-1027 // NVD: CVE-2021-0254

REFERENCES

url:	https://kb.juniper.net/jsa11147	Trust: 1.8
url:	https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-35081	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0254	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1328	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/131.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://kb.juniper.net/infocenter/index?page=content&id=jsa11147	Trust: 0.1

sources: VULHUB: VHN-372156 // VULMON: CVE-2021-0254 // CNNVD: CNNVD-202104-1027 // NVD: CVE-2021-0254

SOURCES

db:	VULHUB	id:	VHN-372156
db:	VULMON	id:	CVE-2021-0254
db:	CNNVD	id:	CNNVD-202104-1027
db:	NVD	id:	CVE-2021-0254

LAST UPDATE DATE

2024-11-23T22:16:06.186000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-372156	date:	2022-08-05T00:00:00
db:	VULMON	id:	CVE-2021-0254	date:	2021-04-27T00:00:00
db:	CNNVD	id:	CNNVD-202104-1027	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2021-0254	date:	2024-11-21T05:42:19.537

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-372156	date:	2021-04-22T00:00:00
db:	VULMON	id:	CVE-2021-0254	date:	2021-04-22T00:00:00
db:	CNNVD	id:	CNNVD-202104-1027	date:	2021-04-14T00:00:00
db:	NVD	id:	CVE-2021-0254	date:	2021-04-22T20:15:09.460