fkie_cve-2021-31351
Vulnerability from fkie_nvd
Published
2021-10-19 19:15
Modified
2024-11-21 06:05
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects specific versions of Juniper Networks Junos OS on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3-S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 19.4R2-S4, 19.4R2-S5; 19.4R3-S2; 20.1R2-S1; 20.2R2-S2, 20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 20.4R2; 21.1R1; This issue does not affect any version of Juniper Networks Junos OS prior to 15.1X49-D240;
References
sirt@juniper.nethttps://kb.juniper.net/JSA11216Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/JSA11216Vendor Advisory
Impacted products
Vendor Product Version
juniper junos 17.3
juniper junos 17.4
juniper junos 17.4
juniper junos 17.4
juniper junos 17.4
juniper junos 17.4
juniper junos 17.4
juniper junos 18.1
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.3
juniper junos 18.4
juniper junos 19.1
juniper junos 19.1
juniper junos 19.2
juniper junos 19.3
juniper junos 19.4
juniper junos 19.4
juniper junos 19.4
juniper junos 20.1
juniper junos 20.2
juniper junos 20.2
juniper junos 20.2
juniper junos 20.3
juniper junos 20.3
juniper junos 20.4
juniper junos 20.4
juniper junos 20.4
juniper junos 21.1
juniper mx10 -
juniper mx10000 -
juniper mx10003 -
juniper mx10008 -
juniper mx10016 -
juniper mx104 -
juniper mx150 -
juniper mx2008 -
juniper mx2010 -
juniper mx2020 -
juniper mx204 -
juniper mx240 -
juniper mx40 -
juniper mx480 -
juniper mx5 -
juniper mx80 -
juniper mx960 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s11:*:*:*:*:*:*",
              "matchCriteriaId": "DE0C7BD5-4D13-4C20-B2C9-524F72B206F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s13:*:*:*:*:*:*",
              "matchCriteriaId": "03BCD35E-29D3-4F8C-ABE9-32C7010FD796",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "8732E25A-9073-4C7B-9E89-C02368728EB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "09255363-BF79-4FC3-AADD-5FAD0902174F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "11A24AA6-5378-4EEA-82D5-66A5F1110698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "64CF2868-993A-48C8-8FBA-892507BBBF21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "D2D5D460-EC5C-46BF-8017-CB87B45C69BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s12:*:*:*:*:*:*",
              "matchCriteriaId": "46F9BD74-D57A-4689-81AB-D53DEBABBD5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s8:*:*:*:*:*:*",
              "matchCriteriaId": "27D9AEBC-2CA3-4E17-9543-D60B10BA2AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s7:*:*:*:*:*:*",
              "matchCriteriaId": "F2DEF924-0165-41B5-8A9D-A75596433CD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s8:*:*:*:*:*:*",
              "matchCriteriaId": "72BA91B4-6595-4CD1-82F7-535AE2D0305A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "75F125DC-3A21-489F-B324-A586F5BA350A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*",
              "matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "69E2DF80-63D8-48DD-BC73-C406B7AA3C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "8120EAC3-DCCB-4429-A372-C0DAA3270A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "ADCE4EA8-DDBA-4766-BB81-E4DA29723723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "98097AB6-56CB-42E4-96B4-ABBD4F36553C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects specific versions of Juniper Networks Junos OS on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3-S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 19.4R2-S4, 19.4R2-S5; 19.4R3-S2; 20.1R2-S1; 20.2R2-S2, 20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 20.4R2; 21.1R1; This issue does not affect any version of Juniper Networks Junos OS prior to 15.1X49-D240;"
    },
    {
      "lang": "es",
      "value": "Una comprobaci\u00f3n inapropiada de condiciones inusuales o excepcionales en el procesamiento de paquetes en el MS-MPC/MS-MIC usado por Juniper Networks Junos OS permite a un atacante malicioso enviar un paquete espec\u00edfico, haciendo que el MS-MPC/MS-MIC se reinicie, causando una Denegaci\u00f3n de Servicio (DoS). Si se sigue recibiendo y procesando este paquete, se crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema s\u00f3lo afecta a versiones espec\u00edficas de Juniper Networks Junos OS en la serie MX: 17.3R3-S11; 17.4R2-S13; 17.4R3 anterior a 17.4R3-S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 19.4R2-S4, 19.4R2-S5; 19. 4R3-S2; 20.1R2-S1; 20.2R2-S2, 20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 20.4R2; 21.1R1; Este problema no afecta a ninguna versi\u00f3n de Juniper Networks Junos OS anterior a la 15.1X49-D240;"
    }
  ],
  "id": "CVE-2021-31351",
  "lastModified": "2024-11-21T06:05:28.723",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2021-10-19T19:15:08.597",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11216"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.