CVE-2021-0289 in Junos OSthông tin

Tóm tắt

Bởi MITRE • 16/07/2021

When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces extensive" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

chịu trách nhiệm

Juniper Networks, Inc.

Đặt trước

27/10/2020

Tiết lộ

16/07/2021

Kiểm duyệt

được chấp nhận

EPSS

0.00261

KEV

không

Các hoạt động

rất thấp

Nguồn

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!