CVE-2021-0286

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO Juniper Networks Junos OS Evolved 21.1 versions prior to 21.1R2-EVO

Description The issue is related to the handling of exceptional conditions in the Advanced Forwarding Toolkit manager process, allowing an attacker to send specially crafted packets to the device, causing it to crash and restart. This results in a Denial of Service (DoS) condition, impacting all traffic going through the FPC. Prior to the crash, specific error messages will be logged, including messages related to failed nexthop operations.

Recommendations For Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO, update to version 20.4R2-EVO or later. For Juniper Networks Junos OS Evolved 21.1 versions prior to 21.1R2-EVO, update to version 21.1R2-EVO or later. As a temporary workaround, consider restricting access to the vulnerable Advanced Forwarding Toolkit manager process to minimize the risk of exploitation.