CVE-2021-0287 — Vulnetix

CVE-2021-0287 PUBLISHED CVSS 6.5 MEDIUM

In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.

EPSS 0.08% · 22.6th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.08%

22.6th percentile

Affected Products

Vendor	Product	Versions
Juniper Networks	Junos OS Evolved	19.4R1-EVO, 20.1R1-EVO, 20.2R1-EVO
juniper	junos	19.4, 19.4, 19.4
Juniper Networks	Junos OS	unspecified, 19.4R1, 20.1
juniper	junos_os_evolved	20.3, 20.3, 20.4

Timeline

Jul 15, 2021 CVE Published
Jul 16, 2021 EPSS Score
Sep 13, 2021 EPSS Score
Nov 11, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 9, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 7, 2022 EPSS Score
Jul 5, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Nov 1, 2022 EPSS Score

References

https://kb.juniper.net/JSA11189 url
https://nvd.nist.gov/vuln/detail/CVE-2021-0287 advisory

Open in Interactive Console →