An Improper Input Validation vulnerability in the routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. This, in turn, may allow a spoofed advertisement to be accepted or propagated. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S3; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R2.
Published 2021-10-19 19:15:11
Updated 2022-10-27 16:33:58
Vulnerability category: Input validation

Products affected by CVE-2021-31375

Exploit prediction scoring system (EPSS) score for CVE-2021-31375

  • 0.08%: Probability of exploitation activity in the next 30 days
  • ~36%: Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-31375

| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | NIST | |
| 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 | NIST | |
| 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L | 3.9 | 2.7 | Juniper Networks, Inc. | |

CWE ids for CVE-2021-31375

  • The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
    Assigned by: sirt@juniper.net (Secondary)
  • The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
    Assigned by: sirt@juniper.net (Secondary)

References for CVE-2021-31375

  • https://kb.juniper.net/JSA11240
    2021-10 Security Bulletin: Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed (CVE-2021-31375) - Juniper Networks
    Vendor Advisory