CVE-2021-0299
Last modified
CVE-2021-0299 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. EPSS estimates a 0.98% chance of exploitation in the next 30 days.
Description
An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | 19.4 | — |
| Juniper | Junos | 20.1 | R1 |
| Juniper | Junos | 20.2 | R1 |
References
- https://kb.juniper.net/JSA11213Vendor Advisory
- https://kb.juniper.net/JSA11213Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-0299?
How severe is CVE-2021-0299?
How do I fix CVE-2021-0299?
Are you affected by CVE-2021-0299?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST