Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2021-0211

Disclosure Date: January 13, 2021
CVE-2021-0211 CVSS v3 Base Score: 10.0
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain leading to disruptions in network traffic causing a Denial of Service (DoS) condition. Continued receipt of these update messages will cause a sustained Denial of Service condition. This issue affects Juniper Networks: Junos OS: All versions prior to 17.3R3-S10 with the exceptions of 15.1X49-D240 on SRX Series and 15.1R7-S8 on EX Series; 17.3 versions prior to 17.3R3-S10; 17.4 versions prior to 17.4R2-S12, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R2-S5, 19.3R3-S1; 19.4 versions prior to 19.4R1-S3, 19.4R2-S3, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S3 20.2R2; 20.3 versions prior to 20.3R1-S1, 20.3R2. Junos OS Evolved: All versions prior to 20.3R1-S1-EVO, 20.3R2-EVO.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
10.0 Critical
Impact Score:
5.8
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Changed
Confidentiality (C):
None
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Junos OS 15.1R7-S8
Junos OS 17.3R3-S10
Junos OS 17.4R2-S12, 17.4R3-S4
Junos OS 18.1R3-S12
Junos OS 18.2R2-S8, 18.2R3-S6
Junos OS 18.3R3-S4
Junos OS 18.4R1-S8, 18.4R2-S6, 18.4R3-S6
Junos OS 19.1R1-S6, 19.1R2-S2, 19.1R3-S3
Junos OS 19.2R3-S1
Junos OS 19.3R2-S5, 19.3R3-S1
Junos OS 19.4R1-S3, 19.4R2-S3, 19.4R3
Junos OS 20.1R2
Junos OS 20.2R1-S3 20.2R2
Junos OS 20.3R1-S1, 20.3R2
Junos OS 15.1X490-D240
Junos OS Evolved 20.3R1-S1-EVO, 20.3R2-EVO
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • juniper

Products

  • junos 15.1,
  • junos 15.1x49,
  • junos 15.1x49-d140,
  • junos 15.1x49-d150,
  • junos 15.1x49-d160,
  • junos 15.1x49-d30,
  • junos 15.1x49-d60,
  • junos 17.3,
  • junos 17.4,
  • junos 18.1,
  • junos 18.2,
  • junos 18.3,
  • junos 18.4,
  • junos 19.1,
  • junos 19.2,
  • junos 19.3,
  • junos 19.4,
  • junos 20.1,
  • junos 20.2,
  • junos 20.3,
  • junos os evolved 19.2,
  • junos os evolved 19.3,
  • junos os evolved 19.4,
  • junos os evolved 20.1,
  • junos os evolved 20.2,
  • junos os evolved 20.3

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis