VDB

CVE-2021-0276

CVE-2021-0276 PUBLISHED CVSS 9.800000190734863 CRITICAL

A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.

EPSS 2.63% · 86.0th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
2.63%
86.0th percentile

Affected Products

VendorProductVersions
junipersteel-belted_radius_carrier8.4.1, 8.5.0, 8.5.0
Juniper NetworksSBR Carrier8.6.0, 8.4.1, 8.5.0

Exploit Intelligence

Timeline

  • Jul 15, 2021 CVE Published
  • Jul 16, 2021 EPSS Score
  • Sep 14, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Jan 11, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 10, 2022 EPSS Score
  • Jul 9, 2022 EPSS Score
  • Sep 7, 2022 EPSS Score
  • Jan 4, 2023 EPSS Score
  • Mar 5, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›