What is CVE-2021-0285?

CVE-2021-0285 is a high-severity vulnerability in Juniper Ex4200, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2021-07-15.

How severe is CVE-2021-0285?

High severity. CVSS v3 base score is 7.5 out of 10.

Resource exhaustion in Juniper Ex4200

CVE-2021-0285

An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Contro…

EPSS: 0.010 (56.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Ex4200
Juniper Ex4200-vc
Juniper Ex4300
Juniper Ex4300-24p
Juniper Ex4300-24p-s
Juniper Ex4300-24t
Juniper Ex4300-24t-s
Juniper Ex4300-32f
Juniper Ex4300-32f-dc
Juniper Ex4300-32f-s

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling
CWE-400 — Uncontrolled Resource Consumption

References

sirt@juniper.net (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2021-0285?: CVE-2021-0285 is a high-severity vulnerability in Juniper Ex4200, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2021-07-15.
How severe is CVE-2021-0285?: High severity. CVSS v3 base score is 7.5 out of 10.