CVE-2021-0206

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 18.3R3-S4 Junos OS versions prior to 18.4R3-S1 Junos OS versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3 Junos OS versions prior to 19.2R1-S2, 19.2R2 Junos OS versions prior to 19.3R2

Description: A NULL Pointer Dereference issue in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured.

Recommendations: For versions prior to 18.3R3-S4, update to 18.3R3-S4 or later. For versions prior to 18.4R3-S1, update to 18.4R3-S1 or later. For versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3, update to 19.1R1-S6, 19.1R2-S2, 19.1R3 or later. For versions prior to 19.2R1-S2, 19.2R2, update to 19.2R1-S2, 19.2R2 or later. For versions prior to 19.3R2, update to 19.3R2 or later. As a temporary workaround, consider disabling the SSL Proxy configuration until a patch is available.