CVE-2021-0237
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4, 17.4R3-S5; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2;
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 15.1 < 15.1R7-S9 | affected |
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S11 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S13, 17.4R3-S4, 17.4R3-S5 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3-S8 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R3-S4 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2-S7, 18.4R3-S6 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R3-S4 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R1-S6, 19.2R3-S1 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R3-S1 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R2-S4, 19.4R3-S1 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R2 | affected |
| Juniper Networks | Junos OS | 20.2 < 20.2R2, 20.2R3 | affected |
| Juniper Networks | Junos OS | 20.3 < 20.3R1-S2, 20.3R2 | affected |
Weaknesses
- 754 - Improper Check for Unusual or Exceptional Conditions
- Denial of Service (DoS)
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.