Sign-up

ID

VAR-202104-0867


CVE

CVE-2021-0214


TITLE

Juniper Networks Junos OS Input validation error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-1151

DESCRIPTION

A vulnerability in the distributed or centralized periodic packet management daemon (PPMD) of Juniper Networks Junos OS may cause receipt of a malformed packet to crash and restart the PPMD process, leading to network destabilization, service interruption, and a Denial of Service (DoS) condition. Continued receipt and processing of these malformed packets will repeatedly crash the PPMD process and sustain the Denial of Service (DoS) condition. Due to the nature of the specifically crafted packet, exploitation of this issue requires direct, adjacent connectivity to the vulnerable component. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S12, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S5, 19.2R3-S1; 19.3 versions prior to 19.3R2-S5, 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S2, 20.2R2. Juniper Networks Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware equipment. The operating system provides a secure programming interface and Junos SDK. There is a security vulnerability in Junos OS, and there is no relevant information about this vulnerability at present, please pay attention to CNNVD or manufacturer announcements at any time

Trust: 1.08

sources: NVD: CVE-2021-0214 // VULHUB: VHN-372116 // VULMON: CVE-2021-0214

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:19.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.0

sources: NVD: CVE-2021-0214

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-0214
value: LOW

Trust: 1.0

sirt@juniper.net: CVE-2021-0214
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202104-1151
value: MEDIUM

Trust: 0.6

VULHUB: VHN-372116
value: LOW

Trust: 0.1

VULMON: CVE-2021-0214
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-0214
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-372116
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sirt@juniper.net: CVE-2021-0214
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-372116 // VULMON: CVE-2021-0214 // CNNVD: CNNVD-202104-1151 // NVD: CVE-2021-0214 // NVD: CVE-2021-0214

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-372116 // NVD: CVE-2021-0214

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202104-1151

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202104-1151

PATCH

title:Juniper Networks Junos OS Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148304

Trust: 0.6

sources: CNNVD: CNNVD-202104-1151

EXTERNAL IDS

db:JUNIPERid:JSA11117

Trust: 1.8

db:NVDid:CVE-2021-0214

Trust: 1.8

db:AUSCERTid:ESB-2021.1257

Trust: 0.6

db:CNNVDid:CNNVD-202104-1151

Trust: 0.6

db:VULHUBid:VHN-372116

Trust: 0.1

db:VULMONid:CVE-2021-0214

Trust: 0.1

sources: VULHUB: VHN-372116 // VULMON: CVE-2021-0214 // CNNVD: CNNVD-202104-1151 // NVD: CVE-2021-0214

REFERENCES

url:https://kb.juniper.net/jsa11117

Trust: 1.8

url:https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-35081

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1257

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-0214

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-372116 // VULMON: CVE-2021-0214 // CNNVD: CNNVD-202104-1151 // NVD: CVE-2021-0214

SOURCES

db:VULHUBid:VHN-372116
db:VULMONid:CVE-2021-0214
db:CNNVDid:CNNVD-202104-1151
db:NVDid:CVE-2021-0214

LAST UPDATE DATE

2024-11-23T22:20:49.598000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-372116date:2021-04-28T00:00:00
db:VULMONid:CVE-2021-0214date:2021-04-28T00:00:00
db:CNNVDid:CNNVD-202104-1151date:2021-04-29T00:00:00
db:NVDid:CVE-2021-0214date:2024-11-21T05:42:13.193

SOURCES RELEASE DATE

db:VULHUBid:VHN-372116date:2021-04-22T00:00:00
db:VULMONid:CVE-2021-0214date:2021-04-22T00:00:00
db:CNNVDid:CNNVD-202104-1151date:2021-04-14T00:00:00
db:NVDid:CVE-2021-0214date:2021-04-22T20:15:08.353