PT-2021-3635 · Juniper Networks · Junos
Published 2021-07-14 · Updated 2021-07-27 · CVE-2021-0282
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions prior to 12.3R12-S18
Juniper Networks Junos OS versions prior to 15.1R7-S9
Juniper Networks Junos OS versions prior to 17.3R3-S11
Juniper Networks Junos OS versions prior to 17.4R2-S13
Juniper Networks Junos OS versions prior to 17.4R3-S4
Juniper Networks Junos OS versions prior to 18.1R3-S12
Juniper Networks Junos OS versions prior to 18.2R3-S7
Juniper Networks Junos OS versions prior to 18.3R3-S4
Juniper Networks Junos OS versions prior to 18.4R2-S6
Juniper Networks Junos OS versions prior to 18.4R3-S6
Juniper Networks Junos OS versions prior to 19.1R3-S3
Description
The issue is related to insufficient validation of unusual or exceptional states in the Junos OS, which can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). This can occur when processing a specific BGP UPDATE message, which can propagate to other BGP peers with vulnerable Junos versions and cause RPD to crash and restart. The issue affects both IBGP and EBGP deployments in IPv4 or IPv6 networks.
Recommendations
For Juniper Networks Junos OS versions prior to 12.3R12-S18, update to version 12.3R12-S18 or later.
For Juniper Networks Junos OS versions prior to 15.1R7-S9, update to version 15.1R7-S9 or later.
For Juniper Networks Junos OS versions prior to 17.3R3-S11, update to version 17.3R3-S11 or later.
For Juniper Networks Junos OS versions prior to 17.4R2-S13, update to version 17.4R2-S13 or later.
For Juniper Networks Junos OS versions prior to 17.4R3-S4, update to version 17.4R3-S4 or later.
For Juniper Networks Junos OS versions prior to 18.1R3-S12, update to version 18.1R3-S12 or later.
For Juniper Networks Junos OS versions prior to 18.2R3-S7, update to version 18.2R3-S7 or later.
For Juniper Networks Junos OS versions prior to 18.3R3-S4, update to version 18.3R3-S4 or later.
For Juniper Networks Junos OS versions prior to 18.4R2-S6, update to version 18.4R2-S6 or later.
For Juniper Networks Junos OS versions prior to 18.4R3-S6, update to version 18.4R3-S6 or later.
For Juniper Networks Junos OS versions prior to 19.1R3-S3, update to version 19.1R3-S3 or later.
As a temporary workaround, consider disabling the BGP Multipath or add-path feature until a patch is available.
Fix
DoS
Improper Check for Exceptional Conditions
Weakness Enumeration
Related Identifiers
Affected Products
Junos