CVE-2021-0214 Information

Description

A vulnerability in the distributed or centralized periodic packet management daemon (PPMD) of Juniper Networks Junos OS may cause receipt of a malformed packet to crash and restart the PPMD process leading to network destabilization service interruption and a Denial of Service (DoS) condition. Continued receipt and processing of these malformed packets will repeatedly crash the PPMD process and sustain the Denial of Service (DoS) condition. Due to the nature of the specifically crafted packet exploitation of this issue requires direct adjacent connectivity to the vulnerable component. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S12 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8 18.4R2-S7 18.4R3-S6; 19.1 versions prior to 19.1R1-S6 19.1R2-S2 19.1R3-S4; 19.2 versions prior to 19.2R1-S5 19.2R3-S1; 19.3 versions prior to 19.3R2-S5 19.3R3-S1; 19.4 versions prior to 19.4R2-S2 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S2 20.2R2.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://kb.juniper.net/JSA11117

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5