CVE-2021-0241Improper Check or Handling of Exceptional Conditions in Networks Junos OS

CWE-703Improper Check or Handling of Exceptional ConditionsCWE-755Improper Handling of Exceptional Conditions4 documents4 sources
Severity
6.5MEDIUMNVD
CNA7.4
EPSS
0.1%
top 71.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 22
Latest updateMay 24

Description

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. The daemon automatically restarts without intervention, but continued receipt and processing of these specific packets will repeatedly crash the JDHCPD process and sustain the Denial of Service (DoS) condition. This iss

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.317.3R3-S11+12
NVDjuniper/junos14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-r668-8p4p-w5jh: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol D2022-05-24
CVEList
Junos OS: Receipt of specific DHCPv6 packet may cause jdhcpd to crash and restart2021-04-22

📋Vendor Advisories

1
Juniper
CVE-2021-0241: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol D2021-04-22
CVE-2021-0241 — Juniper Networks Junos OS vulnerability | cvebase