CVE-2021-0206

HIGH

Juniper Junos OS 18.3-19.3 - Denial of Service via SSL Proxy Packet Handling

Title source: llm

Description

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured. This issue affects Juniper Networks Junos OS on NFX Series and SRX Series: 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S1; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS versions on NFX Series and SRX Series prior to 18.3R1.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kb.juniper.net/JSA11096

Scores

CVSS v3 7.5

EPSS 0.0039

EPSS Percentile 60.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (5)

juniper/junos 18.3 (16 CPE variants)

juniper/junos 18.4 (12 CPE variants)

juniper/junos 19.1 (9 CPE variants)

juniper/junos 19.2 (3 CPE variants)

juniper/junos 19.3 (3 CPE variants)

Published Jan 15, 2021

Tracked Since Feb 18, 2026