CVE-2021-0273 — Always-Incorrect Control Flow Implementation in Networks Junos OS

CWE-670 — Always-Incorrect Control Flow Implementation CWE-835 — Infinite Loop4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.3%

top 49.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Networks Junos OS Evolved Juniper Junos +1 more

Timeline

PublishedApr 22

Latest updateMay 24

Description

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE microcode of the Trio chipset with various line cards to cause packets destined to the devices interfaces to cause a Denial of Service (DoS) condition by looping the packet with an unreachable exit conditio…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os_evolved19.4 — 19.4R2-EVO

▶CVEListV5juniper_networks/junos_os15.1F6 — 15.1*+13

▶NVDjuniper/junos_os_evolved19.4

▶NVDjuniper/junos14 versions+13

🔴Vulnerability Details

GHSA

GHSA-6cmc-3j92-722g: An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Seri↗2022-05-24

▶

CVEList

Junos OS and Junos OS Evolved: Trio Chipset: Denial of Service due to packet destined to device's interfaces.↗2021-04-22

▶

📋Vendor Advisories

Juniper

CVE-2021-0273: An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Seri↗2021-04-22

▶