What is CVE-2021-0249?

CVE-2021-0249 is a high-severity vulnerability in Juniper Junos, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 8.1/10. Published 2021-04-22.

How severe is CVE-2021-0249?

High severity. CVSS v3 base score is 8.1 out of 10.

Buffer overflow in Juniper Junos

CVE-2021-0249

On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over…

Vulnerability class: Buffer Overflow

EPSS: 0.018 (76.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Juniper Junos — versions 15.1x49, 17.4, 18.1
Juniper Srx1500
Juniper Srx300
Juniper Srx320
Juniper Srx340
Juniper Srx345
Juniper Srx380
Juniper Srx4100
Juniper Srx4200
Juniper Srx4600

Weakness classification (CWE)

CWE-120 — Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

References

sirt@juniper.net (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2021-0249?: CVE-2021-0249 is a high-severity vulnerability in Juniper Junos, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 8.1/10. Published 2021-04-22.
How severe is CVE-2021-0249?: High severity. CVSS v3 base score is 8.1 out of 10.