// For flags

CVE-2021-0276

Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.

Una vulnerabilidad de Desbordamiento del Búfer en la región stack de la memoria en Juniper Networks SBR Carrier con la autenticación EAP (Extensible Authentication Protocol) configurada, permite a un atacante enviar paquetes específicos causando el bloqueo del demonio radius, resultando en una Denegación de Servicio (DoS) o conllevando a una ejecución de código remota (RCE). Al enviar continuamente estos paquetes específicos, un atacante puede bloquear repetidamente el daemon radius, causando una Denegación de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks SBR Carrier: versiones 8.4.1 anteriores a 8.4.1R19; versiones 8.5.0 anteriores a 8.5.0R10; versiones 8.6.0 anteriores a 8.6.0R4

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-10-27 CVE Reserved
  • 2021-07-15 CVE Published
  • 2024-06-19 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-121: Stack-based Buffer Overflow
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://kb.juniper.net/JSA11180 2022-08-05
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
 Steel-belted Radius Carrier
Search vendor "Juniper" for product "Steel-belted Radius Carrier"
 8.4.1
Search vendor "Juniper" for product "Steel-belted Radius Carrier" and version "8.4.1"
-
Affected
Juniper
Search vendor "Juniper"
 Steel-belted Radius Carrier
Search vendor "Juniper" for product "Steel-belted Radius Carrier"
 8.4.1
Search vendor "Juniper" for product "Steel-belted Radius Carrier" and version "8.4.1"
r13
Affected
Juniper
Search vendor "Juniper"
 Steel-belted Radius Carrier
Search vendor "Juniper" for product "Steel-belted Radius Carrier"
 8.5.0
Search vendor "Juniper" for product "Steel-belted Radius Carrier" and version "8.5.0"
-
Affected
Juniper
Search vendor "Juniper"
 Steel-belted Radius Carrier
Search vendor "Juniper" for product "Steel-belted Radius Carrier"
 8.5.0
Search vendor "Juniper" for product "Steel-belted Radius Carrier" and version "8.5.0"
r4
Affected
Juniper
Search vendor "Juniper"
 Steel-belted Radius Carrier
Search vendor "Juniper" for product "Steel-belted Radius Carrier"
 8.6.0
Search vendor "Juniper" for product "Steel-belted Radius Carrier" and version "8.6.0"
-
Affected