CVE-2021-0203 Information

Description

On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG) Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. Storm Control enables the device to monitor traffic levels and to drop broadcast multicast and unknown unicast packets when a specified traffic level is exceeded thus preventing packets from proliferating and degrading the LAN. Note: this issue does not affect EX2200 EX3300 EX4200 and EX9200 Series. This issue affects Juniper Networks Junos OS on EX Series and QFX5K Series: 15.1 versions prior to 15.1R7-S7; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4 18.3R3-S2; 18.4 versions prior to 18.4R2-S5 18.4R3-S3; 19.1 versions prior to 19.1R2-S2 19.1R3-S2; 19.2 versions prior to 19.2R1-S5 19.2R2-S1 19.2R3; 19.3 versions prior to 19.3R2-S4 19.3R3; 19.4 versions prior to 19.4R1-S3 19.4R2-S1 19.4R3; 20.1 versions prior to 20.1R1-S2 20.1R2.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Reference

https://kb.juniper.net/JSA11093

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

8.6