CVE-2021-0208

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 17.3R3-S10 except 15.1X49-D240 for SRX series Juniper Networks Junos OS versions 17.4 prior to 17.4R3-S2 Juniper Networks Junos OS versions 18.1 prior to 18.1R3-S10 Juniper Networks Junos OS versions 18.2 prior to 18.2R2-S7, 18.2R3-S4 Juniper Networks Junos OS versions 18.3 prior to 18.3R3-S2 Juniper Networks Junos OS versions 18.4 prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S2 Juniper Networks Junos OS versions 19.1 prior to 19.1R1-S5, 19.1R3-S3 Juniper Networks Junos OS versions 19.2 prior to 19.2R3 Juniper Networks Junos OS versions 19.3 prior to 19.3R2-S5, 19.3R3 Juniper Networks Junos OS versions 19.4 prior to 19.4R2-S2, 19.4R3-S1 Juniper Networks Junos OS versions 20.1 prior to 20.1R1-S4, 20.1R2 Juniper Networks Junos OS versions 15.1X49 prior to 15.1X49-D240 on SRX Series Juniper Networks Junos OS Evolved versions 19.3 prior to 19.3R2-S5-EVO Juniper Networks Junos OS Evolved versions 19.4 prior to 19.4R2-S2-EVO Juniper Networks Junos OS Evolved versions 20.1 prior to 20.1R1-S4-EVO

Description: The issue is related to an improper input validation vulnerability in the Routing Protocol Daemon (RPD) service, allowing an attacker to send a malformed RSVP packet when bidirectional LSPs are in use. This can cause the RPD to crash, resulting in a Denial of Service (DoS) condition. Continued receipt of the packet will sustain the Denial of Service.

Recommendations: For Juniper Networks Junos OS versions prior to 17.3R3-S10, update to version 17.3R3-S10 or later. For Juniper Networks Junos OS versions 17.4 prior to 17.4R3-S2, update to version 17.4R3-S2 or later. For Juniper Networks Junos OS versions 18.1 prior to 18.1R3-S10, update to version 18.1R3-S10 or later. For Juniper Networks Junos OS versions 18.2 prior to 18.2R2-S7, 18.2R3-S4, update to version 18.2R2-S7, 18.2R3-S4 or later. For Juniper Networks Junos OS versions 18.3 prior to 18.3R3-S2, update to version 18.3R3-S2 or later. For Juniper Networks Junos OS versions 18.4 prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S2, update to version 18.4R1-S8, 18.4R2-S6, 18.4R3-S2 or later. For Juniper Networks Junos OS versions 19.1 prior to 19.1R1-S5, 19.1R3-S3, update to version 19.1R1-S5, 19.1R3-S3 or later. For Juniper Networks Junos OS versions 19.2 prior to 19.2R3, update to version 19.2R3 or later. For Juniper Networks Junos OS versions 19.3 prior to 19.3R2-S5, 19.3R3, update to version 19.3R2-S5, 19.3R3 or later. For Juniper Networks Junos OS versions 19.4 prior to 19.4R2-S2, 19.4R3-S1, update to version 19.4R2-S2, 19.4R3-S1 or later. For Juniper Networks Junos OS versions 20.1 prior to 20.1R1-S4, 20.1R2, update to version 20.1R1-S4, 20.1R2 or later. For Juniper Networks Junos OS versions 15.1X49 prior to 15.1X49-D240 on SRX Series, update to version 15.1X49-D240 or later. For Juniper Networks Junos OS Evolved versions 19.3 prior to 19.3R2-S5-EVO, update to version 19.3R2-S5-EVO or later. For Juniper Networks Junos OS Evolved versions 19.4 prior to 19.4R2-S2-EVO, update to version 19.4R2-S2-EVO or later. For Juniper Networks Junos OS Evolved versions 20.1 prior to 20.1R1-S4-EVO, update to version 20.1R1-S4-EVO or later.