{"containers": {"cna": {"affected": [{"platforms": ["ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"changes": [{"at": "18.4R3-S7", "status": "affected"}, {"at": "18.4R3-S8", "status": "unaffected"}], "lessThan": "18.4R3-S7", "status": "unaffected", "version": "18.4", "versionType": "custom"}]}], "datePublic": "2021-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-10-19T18:17:14", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA11241"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 18.4R3-S8."}], "source": {"advisory": "JSA11241", "defect": ["1565716"], "discovery": "USER"}, "title": "Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when processing DHCPv6 packets", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-10-13T16:00:00.000Z", "ID": "CVE-2021-31376", "STATE": "PUBLIC", "TITLE": "Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when processing DHCPv6 packets"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096", "version_affected": "!<", "version_name": "18.4", "version_value": "18.4R3-S7"}, {"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096", "version_affected": ">=", "version_name": "18.4", "version_value": "18.4R3-S7"}, {"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096", "version_affected": "<", "version_name": "18.4", "version_value": "18.4R3-S8"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}, {"description": [{"lang": "eng", "value": "Denial of Service (DoS)"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA11241", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11241"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 18.4R3-S8."}], "source": {"advisory": "JSA11241", "defect": ["1565716"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:55:53.728Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA11241"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-31376", "datePublished": "2021-10-19T18:17:15.044075Z", "dateReserved": "2021-04-15T00:00:00", "dateUpdated": "2024-09-16T22:46:42.537Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:acx1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF19CB03-4A42-48BC-A6E1-A6F56D40F422", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx1100:-:*:*:*:*:*:*:*", "matchCriteriaId": "648CB4A2-05FA-4445-BB4F-F9285A8E8A5D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx2100:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9F5683A-7DCC-4691-AD3A-F2B66684DA9C", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "154658D0-FE3E-43C1-8A4D-CAF67C9BCD98", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "76E2CDA9-2379-482C-B509-D527AFE2C7D5", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx500:-:*:*:*:*:*:*:*", "matchCriteriaId": "36729286-5080-47E8-A961-976BF64F5A93", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx5048:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F8DB691-C9F4-4084-8563-642A2F63DA86", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:acx5096:-:*:*:*:*:*:*:*", "matchCriteriaId": "44B58F51-4F0D-40BD-A90F-226A26F4646E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."}, {"lang": "es", "value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en el proceso del Administrador del Motor de Reenv\u00edo de Paquetes (FXPC) de Juniper Networks Junos OS permite a un atacante causar una Denegaci\u00f3n de Servicio (DoS) mediante el env\u00edo de paquetes DHCPv6 espec\u00edficos al dispositivo y el bloqueo del servicio FXPC. La recepci\u00f3n y el procesamiento continuados de este paquete espec\u00edfico crear\u00e1n una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta s\u00f3lo a las siguientes plataformas de la serie ACX: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096. Otras plataformas ACX no est\u00e1n afectadas por este problema. Este problema afecta a Juniper Networks Junos OS en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: versi\u00f3n 18.4 18.4R3-S7 y versiones posteriores anteriores a 18.4R3-S8. Este problema no afecta: Juniper Networks Junos OS versiones 18.4 anteriores a 18.4R3-S7 en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096"}], "id": "CVE-2021-31376", "lastModified": "2021-10-25T16:20:45.673", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}]}, "published": "2021-10-19T19:15:10.840", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA11241"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}