CVE-2021-0240Improper Check or Handling of Exceptional Conditions in Networks Junos OS

CWE-703Improper Check or Handling of Exceptional ConditionsCWE-755Improper Handling of Exceptional Conditions4 documents4 sources
Severity
6.5MEDIUMNVD
CNA7.4
EPSS
0.1%
top 71.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 22
Latest updateMay 24

Description

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects DHCPv6. DHCPv4 is not affected by this i

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.317.3R3-S12+13
NVDjuniper/junos14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-pvc4-6v97-6f49: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protoc2022-05-24
CVEList
Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash and restart.2021-04-22

📋Vendor Advisories

1
Juniper
CVE-2021-0240: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protoc2021-04-22
CVE-2021-0240 — Juniper Networks Junos OS vulnerability | cvebase