PT-2021-3702 · Juniper Networks · Junos

Published: 2021-07-14 · Updated: 2021-07-28 · CVE-2021-0294

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS version 18.4R2-S5

Description

A vulnerability in Juniper Networks Junos OS affects the release 18.4R2-S5 on QFX5000 Series and EX4600 Series. The issue is related to an inconsistently implemented function, which can lead to the enhanced storm control filter group not being installed if storm-control enhanced is configured. This allows an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets to the device. The affected devices include QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, as well as QFX5100 with QFX 5e Series image installed.

Recommendations

For Juniper Networks Junos OS version 18.4R2-S5, consider disabling the storm-control enhanced configuration as a temporary workaround until a patch is available. Restrict access to the affected devices to minimize the risk of exploitation. Avoid using the storm-control enhanced feature in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2021-03939
CVE-2021-0294

Affected Products

Junos