VDB
CVE-2021-0276
CVE-2021-0276
PUBLISHED
CVSS 9.800000190734863 CRITICAL
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.
EPSS 2.63% · 86.0th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
2.63%
86.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| juniper | steel-belted_radius_carrier | 8.4.1, 8.5.0, 8.5.0 |
| Juniper Networks | SBR Carrier | 8.6.0, 8.4.1, 8.5.0 |
Exploit Intelligence
- https://kb.juniper.net/JSA11180 (circl)
Timeline
- Jul 15, 2021 CVE Published
- Jul 16, 2021 EPSS Score
- Sep 14, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 11, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 10, 2022 EPSS Score
- Jul 9, 2022 EPSS Score
- Sep 7, 2022 EPSS Score
- Jan 4, 2023 EPSS Score
- Mar 5, 2023 EPSS Score