CVE-2021-31353 : Security Advisory and Response
Learn about CVE-2021-31353 affecting Juniper Networks Junos OS and Junos OS Evolved. Understand the DoS risk and mitigation steps. Find out about affected systems and necessary updates.
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). This issue affects specific versions of Juniper Networks Junos OS and Junos OS Evolved.
Understanding CVE-2021-31353
This CVE involves an Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved, impacting the routing protocol daemon (RPD) and potentially leading to a Denial of Service (DoS) attack.
What is CVE-2021-31353?
CVE-2021-31353 is a vulnerability in Juniper Networks Junos OS and Junos OS Evolved that allows an attacker to crash the RPD by injecting a specific BGP update, resulting in a DoS condition.
The Impact of CVE-2021-31353
The vulnerability can be exploited to create a sustained Denial of Service (DoS) condition by repeatedly sending the malicious BGP update to the affected systems.
Technical Details of CVE-2021-31353
This section covers the vulnerability description, affected systems and versions, as well as the exploitation mechanism.
Vulnerability Description
The vulnerability arises from improper handling of exceptional conditions within Juniper Networks Junos OS and Junos OS Evolved, enabling the injection of a specific BGP update to crash the RPD.
Affected Systems and Versions
Junos OS versions 19.3R3-S2, 19.4R3-S3, 20.2 prior to 20.2R3-S2, 20.3 prior to 20.3R3, 20.4 prior to 20.4R3, and 21.1 prior to 21.1R2 are affected. For Junos OS Evolved, versions prior to 20.4R3-EVO, 21.1 prior to 21.1R2-EVO, and 21.2 prior to 21.2R2-EVO are impacted.
Exploitation Mechanism
By injecting a specific BGP update, attackers can crash the RPD and trigger a DoS situation. However, there have been no reported malicious exploitations of this vulnerability.
Mitigation and Prevention
Discover immediate steps to take, long-term security practices, and the importance of patching and updates.
Immediate Steps to Take
Mitigate the issue by ensuring proper TTL propagation settings and considering disabling multipath functionality in affected configurations.
Long-Term Security Practices
Implement robust network monitoring and access control measures to prevent unauthorized access and monitor for anomalous network behavior.
Patching and Updates
Juniper Networks has released software updates to address this vulnerability. Ensure your systems are running the patched versions listed in the solution section.