CVE-2021-31376

{"id": "CVE-2021-31376", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-10-19T19:15:10.840", "references": [{"url": "https://kb.juniper.net/JSA11241", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://kb.juniper.net/JSA11241", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."}, {"lang": "es", "value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en el proceso del Administrador del Motor de Reenv\u00edo de Paquetes (FXPC) de Juniper Networks Junos OS permite a un atacante causar una Denegaci\u00f3n de Servicio (DoS) mediante el env\u00edo de paquetes DHCPv6 espec\u00edficos al dispositivo y el bloqueo del servicio FXPC. La recepci\u00f3n y el procesamiento continuados de este paquete espec\u00edfico crear\u00e1n una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta s\u00f3lo a las siguientes plataformas de la serie ACX: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096. Otras plataformas ACX no est\u00e1n afectadas por este problema. Este problema afecta a Juniper Networks Junos OS en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: versi\u00f3n 18.4 18.4R3-S7 y versiones posteriores anteriores a 18.4R3-S8. Este problema no afecta: Juniper Networks Junos OS versiones 18.4 anteriores a 18.4R3-S7 en ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096"}], "lastModified": "2024-11-21T06:05:33.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:acx1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AF19CB03-4A42-48BC-A6E1-A6F56D40F422"}, {"criteria": "cpe:2.3:h:juniper:acx1100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "648CB4A2-05FA-4445-BB4F-F9285A8E8A5D"}, {"criteria": "cpe:2.3:h:juniper:acx2100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E9F5683A-7DCC-4691-AD3A-F2B66684DA9C"}, {"criteria": "cpe:2.3:h:juniper:acx2200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "154658D0-FE3E-43C1-8A4D-CAF67C9BCD98"}, {"criteria": "cpe:2.3:h:juniper:acx4000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "76E2CDA9-2379-482C-B509-D527AFE2C7D5"}, {"criteria": "cpe:2.3:h:juniper:acx500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36729286-5080-47E8-A961-976BF64F5A93"}, {"criteria": "cpe:2.3:h:juniper:acx5048:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F8DB691-C9F4-4084-8563-642A2F63DA86"}, {"criteria": "cpe:2.3:h:juniper:acx5096:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "44B58F51-4F0D-40BD-A90F-226A26F4646E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}