CVE-2021-0292Uncontrolled Resource Consumption in Networks Junos OS Evolved

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 76.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OS EvolvedJuniper Junos OS Evolved
Timeline
PublishedJul 15
Latest updateMay 24

Description

An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. Changes in memory usag

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os_evolved19.419.4R2-S3-EVO+2
NVDjuniper/junos_os_evolved19.4, 20.1, 20.2+2

🔴Vulnerability Details

2
GHSA
GHSA-grjp-mm84-7748: An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS2022-05-24
CVEList
Junos OS Evolved: Memory leak in arpd or ndp processes can lead to Denial of Service (DoS)2021-07-15

📋Vendor Advisories

1
Juniper
CVE-2021-0292: An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS2021-07-15
CVE-2021-0292 — Uncontrolled Resource Consumption | cvebase