PT-2021-3668 · Juniper Networks · Junos

Published

2021-07-14

·

Updated

2022-09-03

·

CVE-2021-0284

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 12.3 prior to 12.3R12-S19 Juniper Networks Junos OS versions 15.1 prior to 15.1R7-S10 Juniper Networks Junos OS versions 17.3 prior to 17.3R3-S12 Juniper Networks Junos OS versions 18.4 prior to 18.4R3-S9 Juniper Networks Junos OS versions 19.1 prior to 19.1R3-S7 Juniper Networks Junos OS versions 19.2 prior to 19.2R1-S7, 19.2R3-S3 Juniper Networks Junos OS versions 19.3 prior to 19.3R3-S3 Juniper Networks Junos OS versions 19.4 prior to 19.4R3-S5 Juniper Networks Junos OS versions 20.1 prior to 20.1R3-S1 Juniper Networks Junos OS versions 20.2 prior to 20.2R3-S2 Juniper Networks Junos OS versions 20.3 prior to 20.3R3-S1 Juniper Networks Junos OS versions 20.4 prior to 20.4R2-S2, 20.4R3 Juniper Networks Junos OS versions 21.1 prior to 21.1R2 Juniper Networks Junos OS versions 21.2 prior to 21.2R2
Description A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device, thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: "eventd[13955]: SYSTEM ABNORMAL SHUTDOWN: System abnormally shut down". This issue is only triggered by traffic destined to the device. Transit traffic will not trigger this issue.
Recommendations Update to a version of Juniper Networks Junos OS that is not affected by this issue, such as 12.3R12-S19 or later, 15.1R7-S10 or later, 17.3R3-S12 or later, 18.4R3-S9 or later, 19.1R3-S7 or later, 19.2R1-S7 or later, 19.2R3-S3 or later, 19.3R3-S3 or later, 19.4R3-S5 or later, 20.1R3-S1 or later, 20.2R3-S2 or later, 20.3R3-S1 or later, 20.4R2-S2 or later, 20.4R3 or later, 21.1R2 or later, 21.2R2 or later. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2021-03901
CVE-2021-0284

Affected Products

Junos