PT-2021-12984 · Juniper Networks · Junos Evolved
Published
2021-10-19
·
Updated
2021-10-25
·
CVE-2021-0298
CVSS v3.1
4.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO
Description:
A race condition in the 'show chassis pic' command may allow an attacker to crash the port interface concentrator daemon (picd) process, leading to a Denial of Service (DoS) condition. Continued execution of the command under precise conditions could create a sustained DoS condition.
Recommendations:
For Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO, update to version 20.1R2-EVO or later to resolve the issue. As a temporary workaround, consider restricting access to the 'show chassis pic' command to minimize the risk of exploitation.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos Evolved