// For flags

CVE-2021-31376

Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when processing DHCPv6 packets

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096.

Una vulnerabilidad de comprobación de entrada inapropiada en el proceso del Administrador del Motor de Reenvío de Paquetes (FXPC) de Juniper Networks Junos OS permite a un atacante causar una Denegación de Servicio (DoS) mediante el envío de paquetes DHCPv6 específicos al dispositivo y el bloqueo del servicio FXPC. La recepción y el procesamiento continuados de este paquete específico crearán una condición de Denegación de Servicio (DoS) sostenida. Este problema afecta sólo a las siguientes plataformas de la serie ACX: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096. Otras plataformas ACX no están afectadas por este problema. Este problema afecta a Juniper Networks Junos OS en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: versión 18.4 18.4R3-S7 y versiones posteriores anteriores a 18.4R3-S8. Este problema no afecta: Juniper Networks Junos OS versiones 18.4 anteriores a 18.4R3-S7 en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-04-15 CVE Reserved
  • 2021-10-19 CVE Published
  • 2024-06-28 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://kb.juniper.net/JSA11241 2021-10-25
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx1000
Search vendor "Juniper" for product "Acx1000"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx1100
Search vendor "Juniper" for product "Acx1100"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx2100
Search vendor "Juniper" for product "Acx2100"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx2200
Search vendor "Juniper" for product "Acx2200"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx4000
Search vendor "Juniper" for product "Acx4000"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx500
Search vendor "Juniper" for product "Acx500"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx5048
Search vendor "Juniper" for product "Acx5048"
--
Safe
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 18.4
Search vendor "Juniper" for product "Junos" and version "18.4"
r3-s7
Affected
in Juniper
Search vendor "Juniper"
 Acx5096
Search vendor "Juniper" for product "Acx5096"
--
Safe