A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based malicious user to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). This issue is triggered when the packets attempt to initiate a BGP connection before a BGP session is successfully established. Continued receipt of these specific BGP packets will cause a sustained Denial of Service condition. This issue is triggerable in both iBGP and eBGP deployments. This issue affects: Juniper Networks Junos OS 21.1 version 21.1R1 and later versions before 21.1R3-S5; 21.2 version 21.2R1 and later versions before 21.2R3-S2; 21.3 version 21.3R1 and later versions before 21.3R3-S2; 21.4 versions before 21.4R3; 22.1 versions before 22.1R3; 22.2 versions before 22.2R2. This issue does not affect Juniper Networks Junos OS versions before 21.1R1. This issue affects: Juniper Networks Junos OS Evolved 21.1-EVO version 21.1R1-EVO and later versions before 21.4R3-EVO; 22.1-EVO versions before 22.1R3-EVO; 22.2-EVO versions before 22.2R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions before 21.1R1-EVO.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
juniper junos os evolved 21.1 |
||
juniper junos os evolved 21.2 |
||
juniper junos os evolved 21.3 |
||
juniper junos os evolved 21.4 |
||
juniper junos os evolved 22.1 |
||
juniper junos os evolved 22.2 |
||
juniper junos 21.1 |
||
juniper junos 21.2 |
||
juniper junos 21.3 |
||
juniper junos 21.4 |
||
juniper junos 22.1 |
||
juniper junos 22.2 |
Vulmon