An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.
Published 2021-10-19 19:15:08
Updated 2021-10-26 14:22:29
View at NVD,   CVE.org
Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2021-0299

0.10%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 43 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-0299

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
7.1
HIGH AV:N/AC:M/Au:N/C:N/I:N/A:C
8.6
6.9
NIST
7.5
HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.9
3.6
Juniper Networks, Inc.

CWE ids for CVE-2021-0299

References for CVE-2021-0299

  • https://kb.juniper.net/JSA11213
    2021-10 Security Bulletin: Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet (CVE-2021-0299) - Juniper Networks
    Vendor Advisory

Products affected by CVE-2021-0299

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!