CVE-2021-0259
Description
Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. If an attacker on a client device on the overlay network sends a high volume of specific, legitimate traffic in the overlay network, due to an improperly detected DDoS violation, the leaf might not process certain L2 traffic, sent by spines in the underlay network. Continued receipt and processing of the high volume traffic will sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on QFX5K Series: 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R2-S8, 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved on QFX5220: All versions prior to 20.3R2-EVO.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are fixed in junos 17.3R3-S11 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.4R3-S5 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.1R3-S13 | NCM |
| Vulnerabilities CVE-2021-0254,CVE-2021-0255,CVE-2021-0256,CVE-2021-0259 are fixed in junos 18.2R2-S8 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.3R3-S5 | NCM |
| Vulnerabilities CVE-2021-0254,CVE-2021-0259,CVE-2021-0260 are fixed in junos 18.4R1-S8 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.1R3-S4 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.2R1-S6 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.3R3-S2 | NCM |
| Vulnerabilities CVE-2021-0235,CVE-2021-0254,CVE-2021-0259,CVE-2021-0263 are fixed in junos 19.4R2-S4 | NCM |
| Multiple Vulnerabilities are fixed in junos 20.1R2 | NCM |
| Multiple Vulnerabilities are fixed in junos 20.2R2 | NCM |
| Vulnerabilities CVE-2021-0235,CVE-2021-0259,CVE-2021-0263 are fixed in junos 20.3R1-S2 | NCM |
| Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-0259) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234