CVE-2021-0250
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In segment routing traffic engineering (SRTE) environments where the BGP Monitoring Protocol (BMP) feature is enable, a vulnerability in the Routing Protocol Daemon (RPD) process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message causing the RPD service to core, creating a Denial of Service (DoS) Condition. Continued receipt and processing of this update message will create a sustained Denial of Service (DoS) condition. This issue affects IPv4 and IPv6 environments. This issue affects: Juniper Networks Junos OS 17.4 versions 17.4R1 and above prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S6, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S4, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2, This issue does not affect Junos OS releases prior to 17.4R1. This issue affects: Juniper Networks Junos OS Evolved 19.2-EVO versions prior to 19.2R2-EVO.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 17.4R1 < unspecified | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S6, 17.4R3 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S7 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R2-S6, 18.2R3-S3 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R1-S7, 18.3R2-S3, 18.3R3 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R1-S5, 18.4R2-S3, 18.4R3 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R1-S4, 19.1R2 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R1-S3, 19.2R2 | affected |
| Juniper Networks | Junos OS Evolved | 19.2-EVO < 19.2R2-EVO | affected |
Weaknesses
- Denial of Service (DoS)
Workarounds
Disable BGP monitoring protocol until a fix can be applied.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.