CVE-2021-0291

Vulnerability Summary

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated malicious user to send specific traffic which partially reaches this resource. A high rate of specific traffic may lead to a partial Denial of Service (DoS) as the CPU utilization of the RE is significantly increased. The SNMP Agent Extensibility (agentx) process should only be listening to TCP port 705 on the internal routing instance. External connections destined to port 705 should not be allowed. This issue affects: Juniper Networks Junos OS: 15.1 versions before 15.1R7-S9; 17.3 versions before 17.3R3-S12; 17.4 versions before 17.4R2-S13, 17.4R3-S5; 18.3 versions before 18.3R3-S5; 18.4 versions before 18.4R2-S8; 19.1 versions before 19.1R3-S5; 19.2 versions before 19.2R3-S2; 19.3 versions before 19.3R2-S6, 19.3R3-S2; 19.4 versions before 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions before 20.1R2; 20.2 versions before 20.2R2; 20.3 versions before 20.3R2. Juniper Networks Junos OS Evolved versions before 20.3R2-EVO. This issue does not affect Juniper Networks Junos OS versions before 13.2R1.

Vulnerability Trend

References