CVE-2021-0241
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of these specific packets will repeatedly crash the JDHCPD process and sustain the Denial of Service (DoS) condition. This issue only affects DHCPv6. DHCPv4 is not affected by this issue. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S7; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1, 19.3R3-S2; 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S11 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R3-S4 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S12 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3-S7 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R3-S4 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R3-S7 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R3-S4 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R3-S1 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R3-S1, 19.3R3-S2 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R3-S1 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R2, 20.1R3 | affected |
| Juniper Networks | Junos OS | 20.2 < 20.2R2, 20.2R3 | affected |
| Juniper Networks | Junos OS | 20.3 < 20.3R1-S2, 20.3R2 | affected |
Weaknesses
- CWE-703: CWE-703 Improper Check or Handling of Exceptional Conditions
- Denial of Service (DoS)
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.