2021-0292 | Juniper Junos OS/Junos OS Evolved arpd/ndp resource consumption (JSA11194)
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.2 | $0-$5k | 0.11 |
A vulnerability has been found in Juniper Junos OS and Junos OS Evolved (Router Operating System) (the affected version is unknown) and classified as critical. This vulnerability affects some unknown functionality of the component arpd/ndp. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-400. As an impact it is known to affect availability. CVE summarizes:
An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. Changes in memory usage can be monitored using the following shell commands (header shown for clarity): user@router:/var/log# ps aux | grep arpd USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 31418 59.0 0.7 *5702564* 247952 ? xxx /usr/sbin/arpd –app-name arpd -I object_select –shared-objects-mode 3 user@router:/var/log# ps aux | grep arpd USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 31418 49.1 1.0 *5813156* 351184 ? xxx /usr/sbin/arpd –app-name arpd -I object_select –shared-objects-mode 3 Memory usage can be monitored for the ndp process in a similar fashion: user@router:/var/log# ps aux | grep ndp USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 14935 0.0 0.1 *5614052* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select –app-name ndp –shared-obje user@router:/var/log# ps aux | grep ndp USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 14935 0.0 0.1 *5725164* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select –app-name ndp –shared-obje This issue affects Juniper Networks Junos OS Evolved: 19.4 versions prior to 19.4R2-S3-EVO; 20.1 versions prior to 20.1R2-S4-EVO; all versions of 20.2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.4R2-EVO.
The weakness was released 07/16/2021 as JSA11194. The advisory is available at kb.juniper.net. This vulnerability was named CVE-2021-0292 since 10/27/2020. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details are unknown but an exploit is available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 07/19/2021). This vulnerability is assigned to T1499 by the MITRE ATT&CK project.
It is declared as proof-of-concept.
Upgrading eliminates this vulnerability.
Type
Vendor
Name
VulDB Meta Base Score: 7.5
VulDB Meta Temp Score: 7.2
VulDB Base Score: 7.5
VulDB Temp Score: 7.2
VulDB Vector: 🔒
VulDB Reliability: 🔍
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Denial of service
CWE: CWE-400
ATT&CK: T1499
Local: No
Remote: Yes
Availability: 🔒
Status: Proof-of-Concept
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍
Active Actors: 🔍
Active APT Groups: 🔍Recommended: Upgrade
Status: 🔍
0-Day Time: 🔒
Upgrade: kb.juniper.net
10/27/2020 CVE assigned
07/16/2021 Advisory disclosed
07/16/2021 VulDB entry created
07/19/2021 VulDB last updateVendor: https://www.juniper.net/
Advisory: JSA11194
Status: Confirmed
Confirmation: 🔒
CVE: CVE-2021-0292 (🔒)
scip Labs: https://www.scip.ch/en/?labs.20161013
Created: 07/16/2021 08:06
Updated: 07/19/2021 03:11
Changes: (1) source_cve_cna
Complete: 🔍
Download it now for free!
