What is CVE-2021-0294?

CVE-2021-0294 is a vulnerability in Juniper Networks Junos OS that affects the release 18.4R2-S5.

Which software versions are affected by CVE-2021-0294?

Only the release 18.4R2-S5 of Juniper Networks Junos OS is affected by CVE-2021-0294.

Which series of Juniper Networks devices are affected by CVE-2021-0294?

The vulnerability only affects the Juniper Networks Junos QFX5000 Series and EX4600 Series.

What is the severity of CVE-2021-0294?

The severity of CVE-2021-0294 is medium with a CVSS score of 5.3.

How can I fix CVE-2021-0294?

To fix CVE-2021-0294, update to a version of Juniper Networks Junos OS that is not affected.

Vulnerability/
CVE-2021-0294

medium

5.3

CWE

474

15/7/2021

17/9/2024

CVE-2021-0294: Junos OS: QFX5000 Series and EX4600 Series: Enhanced storm control might not work leading to partial Denial of Service

First published: Thu Jul 15 2021(Updated: )

A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to the enhanced storm control filter group not be installed. It will cause storm control not to work hence allowing an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets arriving the device. This issue affects Juniper Networks QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 with QFX 5e Series image installed. QFX5130 and QFX5220 are not affected from this issue. This issue affects Juniper Networks Junos OS 18.4R2-S5 on QFX5000 Series and EX4600 Series. No other product or platform is affected by this vulnerability.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper JUNOS	=18.4-r2-s5
Juniper EX4600
Juniper Ex4650
Juniper Qfx5100
Juniper Qfx5110
Juniper Qfx5120
Juniper Qfx5200
Juniper Qfx5210

Remedy

The following software releases has been updated to resolve this specific issue: Junos OS 18.4R2-S6.

Never miss a vulnerability like this again

Reference Links

https://kb.juniper.net/JSA11196

Frequently Asked Questions

What is CVE-2021-0294?
CVE-2021-0294 is a vulnerability in Juniper Networks Junos OS that affects the release 18.4R2-S5.
Which software versions are affected by CVE-2021-0294?
Only the release 18.4R2-S5 of Juniper Networks Junos OS is affected by CVE-2021-0294.
Which series of Juniper Networks devices are affected by CVE-2021-0294?
The vulnerability only affects the Juniper Networks Junos QFX5000 Series and EX4600 Series.
What is the severity of CVE-2021-0294?
The severity of CVE-2021-0294 is medium with a CVSS score of 5.3.
How can I fix CVE-2021-0294?
To fix CVE-2021-0294, update to a version of Juniper Networks Junos OS that is not affected.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/author
agent/severity
agent/weakness
agent/last-modified-date
agent/title
agent/references
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/juniper
canonical/juniper junos
version/juniper junos/18.4-r2-s5
canonical/juniper ex4600
canonical/juniper ex4650
canonical/juniper qfx5100
canonical/juniper qfx5110
canonical/juniper qfx5120
canonical/juniper qfx5200
canonical/juniper qfx5210

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.