PT-2021-3765 · Juniper Networks · SBR Carrier

Published: 2021-07-14

Updated: 2022-08-05

CVE-2021-0276

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18
Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9
Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3

Description

The issue is a stack-based buffer overflow in the implementation of the Extensible Authentication Protocol (EAP) server. An attacker can exploit it by sending specific packets, potentially leading to a Denial of Service (DoS) or remote code execution (RCE). Continuous exploitation can result in a sustained DoS by repeatedly crashing the RADIUS daemon.

Recommendations

For Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R18, update to version 8.4.1R19 or later.
For Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R9, update to version 8.5.0R10 or later.
For Juniper Networks SBR Carrier versions 8.6.0 through 8.6.0R3, update to version 8.6.0R4 or later.

Fix

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2021-04020
CVE-2021-0276

Affected Products

SBR Carrier