CVE-2021-0280
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: sirt@juniper.net (Secondary)
Description
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series.
Affected (153)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 17.4 |
| Running on/with | Platform Versions |
|---|---|
Juniper Ptx1000 | All versions |
Juniper Ptx1000 72q | All versions |
Juniper Ptx10000 | All versions |
Juniper Ptx10001 | All versions |
Juniper Ptx10001 36mr | All versions |
Juniper Ptx100016 | All versions |
Juniper Ptx10002 | All versions |
Juniper Ptx10002 60c | All versions |
Juniper Ptx10003 | All versions |
Juniper Ptx10003 160c | All versions |
Juniper Ptx10003 80c | All versions |
Juniper Ptx10003 81cd | All versions |
Juniper Ptx10004 | All versions |
Juniper Ptx10008 | All versions |
Juniper Ptx10016 | All versions |
Juniper Ptx3000 | All versions |
Juniper Ptx5000 | All versions |
Juniper Qfx10000 | All versions |
Juniper Qfx10002 | All versions |
Juniper Qfx10002 32q | All versions |
Juniper Qfx10002 60c | All versions |
Juniper Qfx10002 72q | All versions |
Juniper Qfx10008 | All versions |
Juniper Qfx10016 | All versions |
References (2)
Timeline
No history available yet.