CVE-2021-31375

Published: Oct 19, 2021

Modified: Sep 17, 2024

PUBLISHED

CVSS v3.1

7.2

HIGH

Description

An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. This, in turn, may allow a spoofed advertisement to be accepted or propagated. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S3; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R2.

Vendor	Product	Versions
Juniper Networks	Junos OS	affected `12.3 - < 12.3R12-S18` affected `15.1 - < 15.1R7-S9` affected `17.2 - < 17.2R3-S3` affected `17.3 - < 17.3R3-S7` affected `17.4 - < 17.4R2-S9, 17.4R3` +7 more versions

Weaknesses (CWE)

CWE-358

CWE-20

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

Low

References

https://kb.juniper.net/JSA11240

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-31375

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References