1. Home
  2. CVE Database
  3. CVE-2021-0249
HIGH · 8.1

CVE-2021-0249

On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code ...

Vulnerability Description

On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over or otherwise impact the device by sending crafted packets to or through the device. This issue affects: Juniper Networks Junos OS on SRX Series: 15.1X49 versions prior to 15.1X49-D190; 17.4 versions prior to 17.4R2-S9; 17.4R3 and later versions prior to 18.1R3-S9; 18.2 versions prior to 18.2R3-S1; 18.3 versions prior to 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S4, 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2. An indicator of compromise can be the following text in the UTM log: RT_UTM: AV_FILE_NOT_SCANNED_PASSED_MT:

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos15.1x49
JuniperSrx1500-
JuniperSrx300-
JuniperSrx320-
JuniperSrx340-
JuniperSrx345-
JuniperSrx380-
JuniperSrx4100-
JuniperSrx4200-
JuniperSrx4600-
JuniperSrx5400-
JuniperSrx550-
JuniperSrx5600-
JuniperSrx5800-

Related Weaknesses (CWE)

CWE-120

References

FAQ

What is CVE-2021-0249?

CVE-2021-0249 is a vulnerability with a CVSS score of 8.1 (HIGH). On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code ...

How severe is CVE-2021-0249?

CVE-2021-0249 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-0249?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx1500, Juniper Srx300, Juniper Srx320, Juniper Srx340.