CVE-2021-31376

An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA11241	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*

OR	cpe:2.3:h:juniper:acx1000:-:::::::*
	cpe:2.3:h:juniper:acx1100:-:::::::*
	cpe:2.3:h:juniper:acx2100:-:::::::*
	cpe:2.3:h:juniper:acx2200:-:::::::*
	cpe:2.3:h:juniper:acx4000:-:::::::*
	cpe:2.3:h:juniper:acx500:-:::::::*
	cpe:2.3:h:juniper:acx5048:-:::::::*
	cpe:2.3:h:juniper:acx5096:-:::::::*

History

25 Oct 2021, 16:20

Type	Values Removed	Values Added
References	~~(CONFIRM) https://kb.juniper.net/JSA11241 -~~	(CONFIRM) https://kb.juniper.net/JSA11241 - Vendor Advisory
CPE		cpe:2.3:h:juniper:acx500:-:::::::* cpe:2.3:o:juniper:junos:18.4:r3-s7:::::: cpe:2.3:h:juniper:acx5048:-:::::::* cpe:2.3:h:juniper:acx5096:-:::::::* cpe:2.3:h:juniper:acx2100:-:::::::* cpe:2.3:h:juniper:acx4000:-:::::::* cpe:2.3:h:juniper:acx2200:-:::::::* cpe:2.3:h:juniper:acx1100:-:::::::* cpe:2.3:h:juniper:acx1000:-:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : 5.0 v3 : 7.5
CWE		CWE-20

19 Oct 2021, 19:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-10-19 19:15

Updated : 2023-12-10 14:09

NVD link : CVE-2021-31376

Mitre link : CVE-2021-31376

CVE.ORG link : CVE-2021-31376

JSON object : View

Products Affected

juniper

acx5096
junos
acx500
acx2200
acx1000
acx5048
acx2100
acx4000
acx1100

CWE

CWE-20

Improper Input Validation

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-31376

7.5^/10

5.0^/10

Attach tags to `CVE-2021-31376`