CVE-2021-31353

{"id": "CVE-2021-31353", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-10-19T19:15:08.720", "references": [{"url": "https://kb.juniper.net/JSA11218", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-755"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-755"}]}], "descriptions": [{"lang": "en", "value": "An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2; 20.3 versions 20.3R2 and later, prior to 20.3R3; 20.4 versions 20.4R2 and later, prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS 20.1 is not affected by this issue. This issue also affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versions prior to 21.1R2-EVO; 21.2-EVO versions prior to 21.2R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de administraci\u00f3n inapropiada de condiciones excepcionales en Juniper Networks Junos OS y Junos OS Evolved permite a un atacante inyectar una actualizaci\u00f3n BGP espec\u00edfica, causando el bloqueo y el reinicio del demonio del protocolo de enrutamiento (RPD), conllevando a una Denegaci\u00f3n de Servicio (DoS). Si se sigue recibiendo y procesando la actualizaci\u00f3n BGP, ser\u00e1 creada una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a versiones muy espec\u00edficas de Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versiones 20.2R2-S3 y posteriores, anteriores a 20.2R3-S2; 20.3 versiones 20.3R2 y posteriores, anteriores a 20.3R3; 20.4 versiones 20.4R2 y posteriores, anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2. Juniper Networks Junos OS 20.1 no est\u00e1 afectado por este problema. Este problema tambi\u00e9n afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-S3-EVO, 20.4R3-EVO; 21.1-EVO versiones anteriores a 21.1R2-EVO; 21.2-EVO versiones anteriores a 21.2R2-EVO"}], "lastModified": "2021-10-25T21:41:46.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C8EA231-338B-46A2-BE77-3A7AB54BD148", "versionEndIncluding": "20.3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C8866D-162F-4C9B-8167-2FBA25410368"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F85E5BC7-8607-4330-AA72-2273D32F8604"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "878C81C9-A418-4A21-8FDB-2116A992679C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7451A671-A3CC-4904-8D45-947B1D3783C9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0108AD20-EAE6-41D1-AE48-254C46B5388A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44FBCA6F-EB05-4EE4-85FD-944BDAF7D81B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE674DD3-3590-4434-B144-5AD7EB5F039D"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0099BDA9-9D4B-4D6C-8234-EFD9E8C63476"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}