CVE-2021-0227
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an attacker to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. When this issue occurs, web-management, NTP daemon (ntpd) and Layer 2 Control Protocol process (L2CPD) daemons might crash. This issue affects Juniper Networks Junos OS on SRX Series: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S2, 20.1R2;
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S9 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S11, 17.4R3-S2 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3-S5 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R2-S4, 18.3R3-S3 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2-S5, 18.4R3-S4 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R3-S2 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R1-S5, 19.2R3 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R3 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R2-S1, 19.4R3 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R1-S2, 20.1R2 | affected |
Weaknesses
- CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
- Denial of Service (DoS)
Workarounds
There are no viable workarounds for this issue.
To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.