ID

VAR-202110-0609


CVE

CVE-2021-31354


TITLE

Juniper Networks Junos OS Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202110-965

DESCRIPTION

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager), may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL License Manager, or with access to the local broadcast domain, may be able to spoof a new JAL License Manager and/or craft a response to the Junos OS License Client, leading to exploitation of this vulnerability.

This issue only affects Junos systems configured in Network Mode. Systems that are configured in Standalone Mode (the default mode of operation for all systems) are not vulnerable to this issue.

This issue affects: Juniper Networks Junos OS: 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved: version 20.1R1-EVO and later versions, prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1.

The operating system provides a secure programming interface and Junos SDK. There is no relevant information about this vulnerability at present. Please pay attention to CNNVD or manufacturer announcements at any time.

Trust: 1.08

sources: NVD: CVE-2021-31354 // VULHUB: VHN-391102 // VULMON: CVE-2021-31354

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 19.3

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 21.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 20.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 20.4

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 20.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 20.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 20.3

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 20.3

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 20.4

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 20.2

Trust: 1.0

vendor: juniper, model: junos os evolved, scope: eq, version: 21.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 19.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 21.1

Trust: 1.0

sources: NVD: CVE-2021-31354

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-31354
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2021-31354
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202110-965
value: HIGH

Trust: 0.6

VULHUB: VHN-391102
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-31354
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-391102
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-31354
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sirt@juniper.net: CVE-2021-31354
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 1.6
impactScore: 5.5
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-391102 // CNNVD: CNNVD-202110-965 // NVD: CVE-2021-31354 // NVD: CVE-2021-31354

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

sources: VULHUB: VHN-391102 // NVD: CVE-2021-31354

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202110-965

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202110-965

PATCH

title: Juniper Networks Junos OS Buffer error vulnerability fix
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166582

Trust: 0.6

sources: CNNVD: CNNVD-202110-965

EXTERNAL IDS

db: NVD, id: CVE-2021-31354

Trust: 1.8

db: JUNIPER, id: JSA11219

Trust: 1.8

db: CNNVD, id: CNNVD-202110-965

Trust: 0.7

db: AUSCERT, id: ESB-2021.3424

Trust: 0.6

db: CS-HELP, id: SB2021101915

Trust: 0.6

db: VULHUB, id: VHN-391102

Trust: 0.1

db: VULMON, id: CVE-2021-31354

Trust: 0.1

sources: VULHUB: VHN-391102 // VULMON: CVE-2021-31354 // CNNVD: CNNVD-202110-965 // NVD: CVE-2021-31354

REFERENCES

url:https://kb.juniper.net/jsa11219

Trust: 1.8

url:https://www.auscert.org.au/bulletins/esb-2021.3424

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021101915

Trust: 0.6

url:https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-36656

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-391102 // VULMON: CVE-2021-31354 // CNNVD: CNNVD-202110-965 // NVD: CVE-2021-31354

SOURCES

db: VULHUB, id: VHN-391102
db: VULMON, id: CVE-2021-31354
db: CNNVD, id: CNNVD-202110-965
db: NVD, id: CVE-2021-31354

LAST UPDATE DATE

2024-08-14T14:55:47.218000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-391102, date: 2021-10-25T00:00:00
db: VULMON, id: CVE-2021-31354, date: 2021-10-19T00:00:00
db: CNNVD, id: CNNVD-202110-965, date: 2021-10-26T00:00:00
db: NVD, id: CVE-2021-31354, date: 2021-10-25T21:52:14.557

SOURCES RELEASE DATE

db: VULHUB, id: VHN-391102, date: 2021-10-19T00:00:00
db: VULMON, id: CVE-2021-31354, date: 2021-10-19T00:00:00
db: CNNVD, id: CNNVD-202110-965, date: 2021-10-13T00:00:00
db: NVD, id: CVE-2021-31354, date: 2021-10-19T19:15:08.777