CVE-2021-0207Misinterpretation of Input in Networks Junos OS

CWE-115Misinterpretation of InputCWE-436Interpretation Conflict4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 39.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 15
Latest updateMay 24

Description

An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuin

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.317.3R3-S7+9
NVDjuniper/junos10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-qhwr-mfcx-qrr9: An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow ce2022-05-24
CVEList
NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded.2021-01-15

📋Vendor Advisories

1
Juniper
CVE-2021-0207: An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow ce2021-01-15
CVE-2021-0207 — Misinterpretation of Input | cvebase