CVE-2021-31354
Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL License Manager, or with access to the local broadcast domain, may be able to spoof a new JAL License Manager and/or craft a response to the Junos OS License Client, leading to exploitation of this vulnerability. This issue only affects Junos systems configured in Network Mode. Systems that are configured in Standalone Mode (the default mode of operation for all systems) are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved: version 20.1R1-EVO and later versions, prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1.
Una vulnerabilidad de acceso fuera de límites (OOB) en el manejo de respuestas por parte de un cliente de Juniper Agile License (JAL) en Juniper Networks Junos OS y Junos OS Evolved, configurado en modo de red (para usar Juniper Agile License Manager) puede permitir a un atacante causar una Denegación de Servicio (DoS) parcial o conllevar a una ejecución remota de código (RCE). La vulnerabilidad se presenta en la lógica de análisis de paquetes en el cliente que procesa la respuesta del servidor usando un protocolo personalizado. Un atacante con el control de un Administrador de Licencias JAL, o con acceso al dominio de difusión local, puede ser capaz de falsificar un nuevo Administrador de Licencias JAL y/o diseñar una respuesta al Cliente de Licencias del Sistema Operativo Junos, conllevando a una explotación de esta vulnerabilidad. Este problema sólo afecta a los sistemas Junos configurados en modo de red. Los sistemas configurados en modo autónomo (el modo de funcionamiento predeterminado para todos los sistemas) no son vulnerables a este problema. Este problema afecta a: Juniper Networks Junos OS: versiones 19.2 anteriores a 19.2R3-S3; versiones 19.3 anteriores a 19.3R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3-S1; versiones 20.2 anteriores a 20.2R3-S2; versiones 20.3 anteriores a 20.3R3; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2. Juniper Networks Junos OS Evolved: versión 20.1R1-EVO y versiones posteriores, anteriores a 21.2R2-EVO. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 19.2R1
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-15 CVE Reserved
- 2021-10-19 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s4 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s5 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r1-s6 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r3-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.2 Search vendor "Juniper" for product "Junos" and version "19.2" | r3-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s4 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r2-s5 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r3-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.3 Search vendor "Juniper" for product "Junos" and version "19.3" | r3-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r1-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r1-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r1-s4 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.1 Search vendor "Juniper" for product "Junos" and version "20.1" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r1-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r1-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r2-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r2-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.2 Search vendor "Juniper" for product "Junos" and version "20.2" | r3-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2-s4 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r2-s5 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.1" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.2" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | r1-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | r1-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.3" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r3-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1-s1 |
Affected
|