CVE-2021-0286

{"id": "CVE-2021-0286", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-07-15T20:15:10.333", "references": [{"url": "https://kb.juniper.net/JSA11188", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-754"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-703"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Following messages will be logged prior to the crash: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1 This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad en el manejo de condiciones excepcionales en Juniper Networks Junos OS Evolved (EVO) permite a un atacante enviar paquetes especialmente dise\u00f1ados al dispositivo, causando al proceso de Advanced Forwarding Toolkit manager (evo-aftmand-bt o evo-aftmand-zx) bloquearse y reiniciarse, impactando todo el tr\u00e1fico que pasa por el FPC, resultando en una Denegaci\u00f3n de Servicio (DoS). Una recepci\u00f3n continua y procesamiento de estos paquetes crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Los siguientes mensajes se registrar\u00e1n antes del bloqueo: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879. 272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1 Este problema afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-EVO; las versiones 21.1 anteriores a 21.1R2-EVO"}], "lastModified": "2021-10-25T15:20:20.750", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "914D6984-1820-483B-AEB9-2C5257B5E900"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14C57D33-01BB-4190-B787-F5BDACE82AFD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6480A5C9-3280-40C5-BC08-509555F28363"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D3C2D74-AF22-4BED-A0C5-089B5507D275"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B14CED1-BEAF-4343-A05D-FB1E2B6AC955"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABB91C38-8C70-436A-83DB-42B8DF81D7D8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AED25FB6-E3FA-4543-90B2-50068D683D50"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEBE159F-5D94-4C18-B922-331586BEA2CA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "487A82C9-7B7E-4ACA-BABF-65B8504079AD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37625D47-53C3-43D5-A361-A833EE06C6D4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AFB91E3-CAAC-429F-A869-DDD40FB0F84D"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C8866D-162F-4C9B-8167-2FBA25410368"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE674DD3-3590-4434-B144-5AD7EB5F039D"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}