Sign-up

ID

VAR-202104-0556


CVE

CVE-2021-0225


TITLE

Juniper Networks Junos OS Code problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-1128

DESCRIPTION

An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. An administrator can use the following CLI command to see the failures with filter configuration: user@device> show log kfirewall-agent.log | match ERROR Jul 23 14:16:03 ERROR: filter not supported This issue affects Juniper Networks Junos OS Evolved: Versions 19.1R1-EVO and above prior to 20.3R1-S2-EVO, 20.3R2-EVO. This issue does not affect Juniper Networks Junos OS. The operating system provides a secure programming interface and Junos SDK. There is a security vulnerability in Junos OS, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Trust: 1.08

sources: NVD: CVE-2021-0225 // VULHUB: VHN-372127 // VULMON: CVE-2021-0225

AFFECTED PRODUCTS

vendor:junipermodel:junos os evolvedscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junos os evolvedscope:eqversion:20.3

Trust: 1.0

vendor:junipermodel:junos os evolvedscope:eqversion:20.2

Trust: 1.0

vendor:junipermodel:junos os evolvedscope:eqversion:19.3

Trust: 1.0

vendor:junipermodel:junos os evolvedscope:eqversion:20.1

Trust: 1.0

vendor:junipermodel:junos os evolvedscope:eqversion:19.2

Trust: 1.0

sources: NVD: CVE-2021-0225

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-0225
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2021-0225
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202104-1128
value: MEDIUM

Trust: 0.6

VULHUB: VHN-372127
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-0225
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-0225
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-372127
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-0225
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

sources: VULHUB: VHN-372127 // VULMON: CVE-2021-0225 // CNNVD: CNNVD-202104-1128 // NVD: CVE-2021-0225 // NVD: CVE-2021-0225

PROBLEMTYPE DATA

problemtype:CWE-754

Trust: 1.1

sources: VULHUB: VHN-372127 // NVD: CVE-2021-0225

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-1128

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202104-1128

PATCH

title:Juniper Networks Junos OS Fixes for code issue vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148301

Trust: 0.6

sources: CNNVD: CNNVD-202104-1128

EXTERNAL IDS

db:JUNIPERid:JSA11120

Trust: 1.8

db:NVDid:CVE-2021-0225

Trust: 1.8

db:AUSCERTid:ESB-2021.1260

Trust: 0.6

db:CNNVDid:CNNVD-202104-1128

Trust: 0.6

db:VULHUBid:VHN-372127

Trust: 0.1

db:VULMONid:CVE-2021-0225

Trust: 0.1

sources: VULHUB: VHN-372127 // VULMON: CVE-2021-0225 // CNNVD: CNNVD-202104-1128 // NVD: CVE-2021-0225

REFERENCES

url:https://kb.juniper.net/jsa11120

Trust: 1.8

url:https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-35081

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-0225

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1260

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/754.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-372127 // VULMON: CVE-2021-0225 // CNNVD: CNNVD-202104-1128 // NVD: CVE-2021-0225

SOURCES

db:VULHUBid:VHN-372127
db:VULMONid:CVE-2021-0225
db:CNNVDid:CNNVD-202104-1128
db:NVDid:CVE-2021-0225

LAST UPDATE DATE

2024-11-23T22:54:52.148000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-372127date:2021-04-27T00:00:00
db:VULMONid:CVE-2021-0225date:2021-04-27T00:00:00
db:CNNVDid:CNNVD-202104-1128date:2021-04-28T00:00:00
db:NVDid:CVE-2021-0225date:2024-11-21T05:42:14.797

SOURCES RELEASE DATE

db:VULHUBid:VHN-372127date:2021-04-22T00:00:00
db:VULMONid:CVE-2021-0225date:2021-04-22T00:00:00
db:CNNVDid:CNNVD-202104-1128date:2021-04-14T00:00:00
db:NVDid:CVE-2021-0225date:2021-04-22T20:15:08.463