CVE-2021-0288
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition. This issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2;
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S12 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S13, 17.4R3-S5 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S13 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3-S8 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R3-S5 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2-S8, 18.4R3-S8 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R3-S5 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R3-S2 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R2-S6, 19.3R3-S3 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R1-S4, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R3 | affected |
| Juniper Networks | Junos OS | 20.2 < 20.2R2-S2, 20.2R3 | affected |
| Juniper Networks | Junos OS | 20.3 < 20.3R2 | affected |
| Juniper Networks | Junos OS | 20.4 < 20.4R2 | affected |
Weaknesses
- CWE-754: CWE-754 Improper Check for Unusual or Exceptional Conditions
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.