CVE-2021-0241
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/04/2021
Last modified:
23/07/2021
Description
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of these specific packets will repeatedly crash the JDHCPD process and sustain the Denial of Service (DoS) condition. This issue only affects DHCPv6. DHCPv4 is not affected by this issue. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S7; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1, 19.3R3-S2; 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Base Score 2.0
3.30
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r3-s10:*:*:*:*:*:* | ||
cpe:2.3:o:juniper:junos:17.3:r3-s11:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page