CVE-2021-0290— Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-0290
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects the following platforms and line cards: * MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020 * MX204, MX10003, MX10008, MX10016 * EX9200, EX9251 * SRX4600 No other products or platforms are affected by this vulnerability. An indication of this issue occurring can be seen in the system log messages, as shown below: user@host> show log messages | match "Failed to complete DFE tuning" fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3) and interface will be in a permanently down state: user@host> show interfaces et-4/1/6 terse Interface Admin Link Proto Local Remote et-4/1/6 up down et-4/1/6.0 up down aenet --> ae101.0 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对异常条件的处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Junos OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Junos OS 存在安全漏洞,攻击者专门发送在本地以太网段上精心制作的帧,导致接口去进入关闭状态,导致拒绝服务条件。以下产品及版本受到影响:Junos OS 16.1, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3,18.4, 19.1, 19.2, 19.3. Affe
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Juniper Networks | Junos OS | unspecified ~ 16.1R1 | - | |
| Juniper Networks | Junos OS | 16.1 ~ 16.1R7-S7 | - | |
| Juniper Networks | Junos OS | 17.4 ~ 17.4R2-S11, 17.4R3-S1 | - | |
| Juniper Networks | Junos OS | 18.1 ~ 18.1R3-S10 | - |
II. Public POCs for CVE-2021-0290
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-0290
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2021-07-15 · 19 CVEs total
| CVE-2021-0276 | 9.8 CRITICAL | Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authenti |
| CVE-2021-0277 | 8.8 HIGH | Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd |
| CVE-2021-0278 | 8.8 HIGH | Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to ro |
| CVE-2021-0279 | 8.6 HIGH | Contrail Cloud: Hardcoded credentials for RabbitMQ service |
| CVE-2021-0285 | 7.5 HIGH | Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device config |
| CVE-2021-0280 | 7.5 HIGH | Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might f |
| CVE-2021-0282 | 7.5 HIGH | Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path feat |
| CVE-2021-0283 | 7.5 HIGH | Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the |
| CVE-2021-0286 | 7.5 HIGH | Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and |
| CVE-2021-0287 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap o |
| CVE-2021-0288 | 6.5 MEDIUM | Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet aff |
| CVE-2021-0289 | 6.5 MEDIUM | Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface unt |
| CVE-2021-0291 | 6.5 MEDIUM | Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated atta |
| CVE-2021-0292 | 6.5 MEDIUM | Junos OS Evolved: Memory leak in arpd or ndp processes can lead to Denial of Service (DoS) |
| CVE-2021-0295 | 6.1 MEDIUM | Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of DVMRP packets received on |
| CVE-2021-0281 | 5.9 MEDIUM | Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Vali |
| CVE-2021-0293 | 5.5 MEDIUM | Junos OS: Out-of-memory condition and crashes can occur after executing a certain CLI comm |
| CVE-2021-0294 | 5.3 MEDIUM | Junos OS: QFX5000 Series and EX4600 Series: Enhanced storm control might not work leading |
IV. Related Vulnerabilities
Same product: Junos OS
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33781
Junos OS: EX Series, QFX Series: In a VXLAN scenario when sp
Same vendor: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
Same weakness: CWE-755
- CVE-2026-23666
.NET Framework Denial of Service Vulnerability - CVE-2026-40074
SvelteKit's invalidated redirect in handle hook causes Denia - CVE-2026-28542
Huawei EMUI和Huawei HarmonyOS 安全漏洞 - CVE-2026-27195
Wasmtime is vulnerable to panic when dropping a `[Typed]Func - CVE-2026-27586
Caddy's mTLS client authentication silently fails open when
V. Comments for CVE-2021-0290
No comments yet