Severity
High
Analysis Summary
CVE-2021-31365
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By sending a specially crafted stream of layer 2 frames, a remote attacker could exploit this vulnerability to cause an Aggregated Ethernet (AE) interface to go down, resulting in a denial of service condition.
CVE-2021-31364
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a race condition in the flow daemon (flowd). By sending specially crafted network traffic, a remote attacker could exploit this vulnerability to cause the flowd/srxpfe process to crash, resulting in a denial of service condition.
CVE-2021-31360
Juniper Networks Junos OS and Junos OS Evolved could allow a local authenticated attacker to gain elevated privileges on the system, caused by an improper privilege management flaw in the command-line interpreter (CLI). By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to overwrite local files as root or cause a denial of service condition.
CVE-2021-31359
Juniper Networks Junos OS and Junos OS Evolved could allow a local authenticated attacker to gain elevated privileges on the system, caused by an improper privilege management flaw. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary commands as root and cause the Juniper DHCP daemon (jdhcpd) process to crash.
CVE-2021-31358
Juniper could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in command processing. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary shell commands within the context of the current user.
CVE-2021-31357
Juniper could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in command processing. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary shell commands within the context of the current user.
CVE-2021-31356
Juniper could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in command processing. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary shell commands within the context of the current user.
CVE-2021-31350
Juniper Networks Junos OS and Junos OS Evolved could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an improper privilege management flaw in the gRPC framework. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root.
CVE-2021-0299
Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper handling of exceptional conditions in the processing of a transit or directly received IPv6 packet. By sending a specially crafted IPv6 packet, a remote attacker could exploit this vulnerability to cause the kernel to crash, resulting in a denial of service condition.
CVE-2021-0298
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by a race condition in the ‘show chassis pic’ command. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to crash the port interface concentrator daemon (picd) process on the FPC.
CVE-2021-0297
Juniper Networks Junos OS Evolved could allow a remote attacker to bypass security restrictions, caused by a flaw in the processing of TCP MD5 authentication. By sending a specially-crafted request, an attacker could exploit this vulnerability to establish a BGP or LDP session configured with MD5 authentication.
CVE-2021-0296
Juniper Networks CTPView could provide weaker than expected security, caused by not enforcing HTTP Strict Transport Security (HSTS). An attacker could exploit this vulnerability to perform downgrade attacks and SSL-stripping man-in-the-middle attacks, and the lack of HSTS also weakens cookie-hijacking protections.
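For CVE-2021-0296, one way to confirm that a web interface enforces HSTS after remediation is to audit the `Strict-Transport-Security` header on its HTTPS responses. The Python below is an added example, not code from Rewterz or Juniper; the header samples are constructed and the 180-day `MIN_MAX_AGE` floor is an assumed policy value.

```python
# Added example: audit HTTPS response headers for HSTS enforcement (RFC 6797).
# SAMPLES are constructed header sets, not captures from a real CTPView host.
MIN_MAX_AGE = 15552000  # assumed policy floor: 180 days, in seconds

def parse_hsts(value):
    """Return (max_age, include_subdomains), or None if the value is invalid."""
    max_age, include_sub, seen = None, False, set()
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()
        if not name:
            continue
        if name in seen:               # a directive must not appear twice
            return None
        seen.add(name)
        if name == "max-age":
            arg = arg.strip().strip('"')   # the value may be a quoted-string
            if not (arg.isascii() and arg.isdigit()):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

def audit_hsts(headers):
    """headers: list of (name, value) pairs from one HTTPS response."""
    values = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not values:
        return ["missing"]
    parsed = parse_hsts(values[0])     # browsers honour only the first STS field
    if parsed is None:
        return ["invalid"]
    if parsed[0] == 0:
        return ["max-age=0 (policy removed)"]
    if parsed[0] < MIN_MAX_AGE:
        return ["short max-age"]
    return []

SAMPLES = {
    "no_header": [("Content-Type", "text/html")],
    "good": [("Strict-Transport-Security", "max-age=31536000; includeSubDomains")],
    "zero": [("strict-transport-security", "max-age=0")],
    "no_max_age": [("Strict-Transport-Security", "includeSubDomains")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(label, audit_hsts(hdrs) or "ok")
```

An empty findings list means the response carries a valid HSTS policy at or above the assumed floor; the check applies only to responses served over HTTPS, since browsers ignore the header on plain HTTP.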
Impact
- Denial of Service
- Privilege Escalation
- Command Execution
- Security Bypass
Affected Vendors
- Juniper
Affected Products
- Juniper Networks Junos OS
- Juniper Networks EX4300
- Juniper Networks EX2300
- Juniper Networks EX3400
- Juniper Networks EX4400
- Juniper Networks Junos OS Evolved
- Juniper Networks Junos OS 18.4
- Juniper Networks Junos OS 19.1
- Juniper Networks Junos OS 19.2
- Juniper Networks Junos OS 19.3
- Juniper Networks Junos OS 19.4
- Juniper Networks Junos OS 20.1
- Juniper Networks Junos OS 20.2
- Juniper Networks Junos OS 20.3
- Juniper Networks Junos OS 20.4
- Juniper Networks PTX10003
- Juniper Networks PTX10008
Remediation
Refer to the Juniper advisory for patch, upgrade, or suggested workaround information.
CVE-2021-31365
CVE-2021-31364
CVE-2021-31360
Juniper Networks Junos OS Evolved