目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2021-0280— Juniper Networks Junos OS 安全漏洞

CVSS 7.5 · High EPSS 0.39% · P60
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2021-0280の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine
ソース: NVD (National Vulnerability Database)
脆弱性説明
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
初始化不恰当
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Juniper Networks Junos OS 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Junos OS 存在安全漏洞,该漏洞源于BFD会话的抖动反过来可能会影响路由协议和网络稳定性,从而导致拒绝服务条件。以下产品及版本受到影响:Junos OS 17.4, 18.2, 18.3, 18.4, 19.1, 19.2, 19.3, 19.4, 20.1, 20.2, 20.3, 20.4. Aff
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
Juniper NetworksJunos OS 17.4 ~ 17.4R3-S5 -

II. CVE-2021-0280の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2021-0280のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2021-07-15 · 19 CVEs total

CVE-2021-02769.8 CRITICALSteel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authenti
CVE-2021-02778.8 HIGHJunos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd
CVE-2021-02788.8 HIGHJunos OS: J-Web allows a locally authenticated attacker to escalate their privileges to ro
CVE-2021-02798.6 HIGHContrail Cloud: Hardcoded credentials for RabbitMQ service
CVE-2021-02867.5 HIGHJunos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and
CVE-2021-02827.5 HIGHJunos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path feat
CVE-2021-02837.5 HIGHJunos OS: Upon receipt of specific sequences of genuine packets destined to the device the
CVE-2021-02857.5 HIGHJunos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device config
CVE-2021-02876.5 MEDIUMJunos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap o
CVE-2021-02886.5 MEDIUMJunos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet aff
CVE-2021-02896.5 MEDIUMJunos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface unt
CVE-2021-02906.5 MEDIUMJunos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially cr
CVE-2021-02916.5 MEDIUMJunos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated atta
CVE-2021-02926.5 MEDIUMJunos OS Evolved: Memory leak in arpd or ndp processes can lead to Denial of Service (DoS)
CVE-2021-02956.1 MEDIUMJunos OS: QFX10K Series: Denial of Service (DoS) upon receipt of DVMRP packets received on
CVE-2021-02815.9 MEDIUMJunos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Vali
CVE-2021-02935.5 MEDIUMJunos OS: Out-of-memory condition and crashes can occur after executing a certain CLI comm
CVE-2021-02945.3 MEDIUMJunos OS: QFX5000 Series and EX4600 Series: Enhanced storm control might not work leading

IV. 関連脆弱性

同じ製品: Junos OS
同じベンダー: Juniper Networks
同じ弱点: CWE-665

V. CVE-2021-0280へのコメント

まだコメントはありません

コメントを残す