CVE-2021-31353
Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO.
Una vulnerabilidad de administración inapropiada de condiciones excepcionales en Juniper Networks Junos OS y Junos OS Evolved permite a un atacante inyectar una actualización BGP específica, causando el bloqueo y el reinicio del demonio del protocolo de enrutamiento (RPD), conllevando a una Denegación de Servicio (DoS). Si se sigue recibiendo y procesando la actualización BGP, será creada una condición de Denegación de Servicio (DoS) sostenida. Este problema afecta a versiones muy específicas de Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versiones 20.2R2-S3 y posteriores, anteriores a 20.2R3-S2; 20.3 versiones 20.3R2 y posteriores, anteriores a 20.3R3; 20.4 versiones 20.4R2 y posteriores, anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2. Juniper Networks Junos OS 20.1 no está afectado por este problema. Este problema también afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versiones anteriores a 21.1R2-EVO; 21.2-EVO versiones anteriores a 21.2R2-EVO
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-15 CVE Reserved
- 2021-10-19 CVE Published
- 2024-06-28 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-755: Improper Handling of Exceptional Conditions
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.4 Search vendor "Juniper" for product "Junos" and version "19.4" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r2-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | <= 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version " <= 20.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1-s1 |
Affected
| ||||||