CVE-2021-31379Incorrect Behavior Order in Networks Junos OS

CWE-696Incorrect Behavior Order4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 42.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedOct 19
Latest updateMay 24

Description

An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device which is disabled as a result of the processing of these packets. Continued receipt and processing of these malformed IPv4 or IPv6 packets will create a sustained Denial of Service (DoS) condition. This issue only affects MPC 7/8/9/10/11 cards, when MAP-E IP r

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.2R117.2*+9
NVDjuniper/junos11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-g3mf-xh9x-gcpp: An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain m2022-05-24
CVEList
Junos OS: MX Series: MPC 7/8/9/10/11 cards with MAP-E: PFE halts when an attacker sends malformed IPv4 or IPv6 traffic inside the MAP-E tunnel.2021-10-19

📋Vendor Advisories

1
Juniper
CVE-2021-31379: An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain m2021-10-19
CVE-2021-31379 — Incorrect Behavior Order | cvebase