VYPR
Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Sep 16, 2024

Junos OS: Receipt of specific packets could lead to Denial of Service in MQTT Server

CVE-2021-0229

Description

An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport (MQTT) server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service (DoS) by sending a stream of specific packets. A Juniper Extension Toolkit (JET) application designed with a listening port uses the Message Queue Telemetry Transport (MQTT) protocol to connect to a mosquitto broker that is running on Junos OS to subscribe for events. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 16.1R1 and later versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    >=16.1R1, <17.3R3-S11, >=17.4 <17.4R2-S13, etc. (see NVD)+ 1 more
    • (no CPE)range: >=16.1R1, <17.3R3-S11, >=17.4 <17.4R2-S13, etc. (see NVD)
    • (no CPE)range: 16.1R1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.