NVD Vulnerability Detail

CVE-2021-0289

Summary	When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces <> extensive" and review the output. See further details below. An example output is: show interfaces extensive \| match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved.
Publication Date	July 16, 2021, 5:15 a.m.
Registration Date	July 16, 2021, 10 a.m.
Last Update	Nov. 21, 2024, 2:42 p.m.

CVSS3.1 : MEDIUM
スコア	5.3
Vector	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
攻撃元区分(AV)	隣接
攻撃条件の複雑さ(AC)	高
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高

CVSS2.0 : LOW
Score	2.9
Vector	AV:A/AC:M/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	隣接
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:juniper:junos::::::::		5.7			15.1
cpe:2.3:o:juniper:junos::::::::		15.2			18.4
cpe:2.3:o:juniper:junos:5.6:r1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s8::::::
cpe:2.3:o:juniper:junos:18.4:r3-s8::::::
cpe:2.3:o:juniper:junos:18.4:r3-s7::::::
cpe:2.3:o:juniper:junos:18.4:r2-s7::::::
cpe:2.3:o:juniper:junos:18.4:r1::::::
cpe:2.3:o:juniper:junos:18.4:-::::::
cpe:2.3:o:juniper:junos:18.4:r1-s1::::::
cpe:2.3:o:juniper:junos:18.4:r1-s3::::::
cpe:2.3:o:juniper:junos:18.4:r1-s4::::::
cpe:2.3:o:juniper:junos:18.4:r1-s2::::::
cpe:2.3:o:juniper:junos:18.4:r2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s6::::::
cpe:2.3:o:juniper:junos:18.4:r3-s2::::::
cpe:2.3:o:juniper:junos:18.4:r3-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s4::::::
cpe:2.3:o:juniper:junos:18.4:r3::::::
cpe:2.3:o:juniper:junos:18.4:r2-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s4::::::
cpe:2.3:o:juniper:junos:18.4:r2-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s6::::::
cpe:2.3:o:juniper:junos:18.4:r1-s7::::::
cpe:2.3:o:juniper:junos:18.4:r3-s5::::::
cpe:2.3:o:juniper:junos:18.4:r3-s6::::::
cpe:2.3:o:juniper:junos:19.4:r3::::::
cpe:2.3:o:juniper:junos:19.4:r2::::::
cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1::::::
cpe:2.3:o:juniper:junos:19.4:r3-s2::::::
cpe:2.3:o:juniper:junos:19.4:r3-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
cpe:2.3:o:juniper:junos:20.1:r2::::::
cpe:2.3:o:juniper:junos:20.1:r2-s1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s1::::::
cpe:2.3:o:juniper:junos:20.1:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s2::::::
cpe:2.3:o:juniper:junos:20.1:r1-s3::::::
cpe:2.3:o:juniper:junos:20.1:r1-s4::::::
cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
cpe:2.3:o:juniper:junos:20.2:r1::::::
cpe:2.3:o:juniper:junos:20.2:r2::::::
cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
cpe:2.3:o:juniper:junos:20.2:r3::::::
cpe:2.3:o:juniper:junos:20.2:r3-s1::::::
cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
cpe:2.3:o:juniper:junos:20.2:r2-s3::::::
cpe:2.3:o:juniper:junos:20.4:r2::::::
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
cpe:2.3:o:juniper:junos:20.4:r1::::::
cpe:2.3:o:juniper:junos:20.4:r2-s1::::::
cpe:2.3:o:juniper:junos:21.1:r1::::::
execution environment
1	cpe:2.3:h:juniper:acx1000:-:::::::*
2	cpe:2.3:h:juniper:acx1100:-:::::::*
3	cpe:2.3:h:juniper:acx2000:-:::::::*
4	cpe:2.3:h:juniper:acx2100:-:::::::*
5	cpe:2.3:h:juniper:acx2200:-:::::::*
6	cpe:2.3:h:juniper:acx4000:-:::::::*
7	cpe:2.3:h:juniper:acx500:-:::::::*
8	cpe:2.3:h:juniper:acx5000:-:::::::*
9	cpe:2.3:h:juniper:acx5048:-:::::::*
10	cpe:2.3:h:juniper:acx5096:-:::::::*
11	cpe:2.3:h:juniper:acx5400:-:::::::*
12	cpe:2.3:h:juniper:acx5448:-:::::::*
13	cpe:2.3:h:juniper:acx5800:-:::::::*
14	cpe:2.3:h:juniper:acx6300:-:::::::*
15	cpe:2.3:h:juniper:acx6360:-:::::::*
16	cpe:2.3:h:juniper:acx710:-:::::::*
17	cpe:2.3:h:juniper:atp400:-:::::::*
18	cpe:2.3:h:juniper:atp700:-:::::::*
19	cpe:2.3:h:juniper:csrx:-:::::::*
20	cpe:2.3:h:juniper:ctp150:-:::::::*
21	cpe:2.3:h:juniper:ctp2008:-:::::::*
22	cpe:2.3:h:juniper:ctp2024:-:::::::*
23	cpe:2.3:h:juniper:ctp2056:-:::::::*
24	cpe:2.3:h:juniper:dx:-:::::::*
25	cpe:2.3:h:juniper:dx:5.1:::::::*
26	cpe:2.3:h:juniper:ex_rps:-:::::::*
27	cpe:2.3:h:juniper:ex2200:-:::::::*
28	cpe:2.3:h:juniper:ex2200-c:-:::::::*
29	cpe:2.3:h:juniper:ex2200-vc:-:::::::*
30	cpe:2.3:h:juniper:ex2300:-:::::::*
31	cpe:2.3:h:juniper:ex2300-c:-:::::::*
32	cpe:2.3:h:juniper:ex2300m:-:::::::*
33	cpe:2.3:h:juniper:ex3200:-:::::::*
34	cpe:2.3:h:juniper:ex3300:-:::::::*
35	cpe:2.3:h:juniper:ex3300-vc:-:::::::*
36	cpe:2.3:h:juniper:ex3400:-:::::::*
37	cpe:2.3:h:juniper:ex4200:-:::::::*
38	cpe:2.3:h:juniper:ex4200-vc:-:::::::*
39	cpe:2.3:h:juniper:ex4300:-:::::::*
40	cpe:2.3:h:juniper:ex4300-24p:-:::::::*
41	cpe:2.3:h:juniper:ex4300-24p-s:-:::::::*
42	cpe:2.3:h:juniper:ex4300-24t:-:::::::*
43	cpe:2.3:h:juniper:ex4300-24t-s:-:::::::*
44	cpe:2.3:h:juniper:ex4300-32f:-:::::::*
45	cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::*
46	cpe:2.3:h:juniper:ex4300-32f-s:-:::::::*
47	cpe:2.3:h:juniper:ex4300-48mp:-:::::::*
48	cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::*
49	cpe:2.3:h:juniper:ex4300-48p:-:::::::*
50	cpe:2.3:h:juniper:ex4300-48p-s:-:::::::*
51	cpe:2.3:h:juniper:ex4300-48t:-:::::::*
52	cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::*
53	cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::*
54	cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::*
55	cpe:2.3:h:juniper:ex4300-48t-s:-:::::::*
56	cpe:2.3:h:juniper:ex4300-48tafi:-:::::::*
57	cpe:2.3:h:juniper:ex4300-48tdc:-:::::::*
58	cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::*
59	cpe:2.3:h:juniper:ex4300-mp:-:::::::*
60	cpe:2.3:h:juniper:ex4300-vc:-:::::::*
61	cpe:2.3:h:juniper:ex4300m:-:::::::*
62	cpe:2.3:h:juniper:ex4400:-:::::::*
63	cpe:2.3:h:juniper:ex4500:-:::::::*
64	cpe:2.3:h:juniper:ex4500-vc:-:::::::*
65	cpe:2.3:h:juniper:ex4550:-:::::::*
66	cpe:2.3:h:juniper:ex4550-vc:-:::::::*
67	cpe:2.3:h:juniper:ex4550\/vc:-:::::::*
68	cpe:2.3:h:juniper:ex4600:-:::::::*
69	cpe:2.3:h:juniper:ex4600-vc:-:::::::*
70	cpe:2.3:h:juniper:ex4650:-:::::::*
71	cpe:2.3:h:juniper:ex6200:-:::::::*
72	cpe:2.3:h:juniper:ex6210:-:::::::*
73	cpe:2.3:h:juniper:ex8200:-:::::::*
74	cpe:2.3:h:juniper:ex8200-vc:-:::::::*
75	cpe:2.3:h:juniper:ex8208:-:::::::*
76	cpe:2.3:h:juniper:ex8216:-:::::::*
77	cpe:2.3:h:juniper:ex9200:-:::::::*
78	cpe:2.3:h:juniper:ex9204:-:::::::*
79	cpe:2.3:h:juniper:ex9208:-:::::::*
80	cpe:2.3:h:juniper:ex9214:-:::::::*
81	cpe:2.3:h:juniper:ex9250:-:::::::*
82	cpe:2.3:h:juniper:ex9251:-:::::::*
83	cpe:2.3:h:juniper:ex9253:-:::::::*
84	cpe:2.3:h:juniper:fips_infranet_controller_6500:-:::::::*
85	cpe:2.3:h:juniper:fips_secure_access_4000:-:::::::*
86	cpe:2.3:h:juniper:fips_secure_access_4500:-:::::::*
87	cpe:2.3:h:juniper:fips_secure_access_6000:-:::::::*
88	cpe:2.3:h:juniper:fips_secure_access_6500:-:::::::*
89	cpe:2.3:h:juniper:gfx3600:-:::::::*
90	cpe:2.3:h:juniper:idp250:-:::::::*
91	cpe:2.3:h:juniper:idp75:-:::::::*
92	cpe:2.3:h:juniper:idp800:-:::::::*
93	cpe:2.3:h:juniper:idp8200:-:::::::*
94	cpe:2.3:h:juniper:infranet_controller_4000:-:::::::*
95	cpe:2.3:h:juniper:infranet_controller_4500:-:::::::*
96	cpe:2.3:h:juniper:infranet_controller_6000:-:::::::*
97	cpe:2.3:h:juniper:infranet_controller_6500:-:::::::*
98	cpe:2.3:h:juniper:jatp:400:::::::*
99	cpe:2.3:h:juniper:jatp:700:::::::*
100	cpe:2.3:h:juniper:junos:-:::::::*
101	cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:::::::*
102	cpe:2.3:h:juniper:junos_space_ja2500_appliance:-:::::::*
103	cpe:2.3:h:juniper:ln1000:-:::::::*
104	cpe:2.3:h:juniper:ln2600:-:::::::*
105	cpe:2.3:h:juniper:m10i:-:::::::*
106	cpe:2.3:h:juniper:m120:-:::::::*
107	cpe:2.3:h:juniper:m320:-:::::::*
108	cpe:2.3:h:juniper:m7i:-:::::::*
109	cpe:2.3:h:juniper:mag2600_gateway:-:::::::*
110	cpe:2.3:h:juniper:mag4610_gateway:-:::::::*
111	cpe:2.3:h:juniper:mag6610_gateway:-:::::::*
112	cpe:2.3:h:juniper:mag6611_gateway:-:::::::*
113	cpe:2.3:h:juniper:mx:-:::::::*
114	cpe:2.3:h:juniper:mx10:-:::::::*
115	cpe:2.3:h:juniper:mx10000:-:::::::*
116	cpe:2.3:h:juniper:mx10003:-:::::::*
117	cpe:2.3:h:juniper:mx10008:-:::::::*
118	cpe:2.3:h:juniper:mx10016:-:::::::*
119	cpe:2.3:h:juniper:mx104:-:::::::*
120	cpe:2.3:h:juniper:mx150:-:::::::*
121	cpe:2.3:h:juniper:mx2008:-:::::::*
122	cpe:2.3:h:juniper:mx2010:-:::::::*
123	cpe:2.3:h:juniper:mx2020:-:::::::*
124	cpe:2.3:h:juniper:mx204:-:::::::*
125	cpe:2.3:h:juniper:mx240:-:::::::*
126	cpe:2.3:h:juniper:mx40:-:::::::*
127	cpe:2.3:h:juniper:mx480:-:::::::*
128	cpe:2.3:h:juniper:mx5:-:::::::*
129	cpe:2.3:h:juniper:mx80:-:::::::*
130	cpe:2.3:h:juniper:mx960:-:::::::*
131	cpe:2.3:h:juniper:netscreen-5200:-:::::::*
132	cpe:2.3:h:juniper:netscreen-5400:-:::::::*
133	cpe:2.3:h:juniper:netscreen-5gt:-:::::::*
134	cpe:2.3:h:juniper:netscreen-5gt:5.0:::::::*
135	cpe:2.3:h:juniper:netscreen-idp:3.0:::::::*
136	cpe:2.3:h:juniper:netscreen-idp:3.0r1:::::::*
137	cpe:2.3:h:juniper:netscreen-idp:3.0r2:::::::*
138	cpe:2.3:h:juniper:netscreen-idp_10:-:::::::*
139	cpe:2.3:h:juniper:netscreen-idp_100:-:::::::*
140	cpe:2.3:h:juniper:netscreen-idp_1000:-:::::::*
141	cpe:2.3:h:juniper:netscreen-idp_500:-:::::::*
142	cpe:2.3:h:juniper:nfx:-:::::::*
143	cpe:2.3:h:juniper:nfx150:-:::::::*
144	cpe:2.3:h:juniper:nfx250:-:::::::*
145	cpe:2.3:h:juniper:nfx350:-:::::::*
146	cpe:2.3:h:juniper:nsm3000:-:::::::*
147	cpe:2.3:h:juniper:nsmexpress:-:::::::*
148	cpe:2.3:h:juniper:ocx1100:-:::::::*
149	cpe:2.3:h:juniper:ptx1000:-:::::::*
150	cpe:2.3:h:juniper:ptx1000-72q:-:::::::*
151	cpe:2.3:h:juniper:ptx10000:-:::::::*
152	cpe:2.3:h:juniper:ptx10001:-:::::::*
153	cpe:2.3:h:juniper:ptx10001-36mr:-:::::::*
154	cpe:2.3:h:juniper:ptx100016:-:::::::*
155	cpe:2.3:h:juniper:ptx10002:-:::::::*
156	cpe:2.3:h:juniper:ptx10002-60c:-:::::::*
157	cpe:2.3:h:juniper:ptx10003:-:::::::*
158	cpe:2.3:h:juniper:ptx10003_160c:-:::::::*
159	cpe:2.3:h:juniper:ptx10003_80c:-:::::::*
160	cpe:2.3:h:juniper:ptx10003_81cd:-:::::::*
161	cpe:2.3:h:juniper:ptx10004:-:::::::*
162	cpe:2.3:h:juniper:ptx10008:-:::::::*
163	cpe:2.3:h:juniper:ptx10016:-:::::::*
164	cpe:2.3:h:juniper:ptx3000:-:::::::*
165	cpe:2.3:h:juniper:ptx5000:-:::::::*
166	cpe:2.3:h:juniper:qfx10000:-:::::::*
167	cpe:2.3:h:juniper:qfx10002:-:::::::*
168	cpe:2.3:h:juniper:qfx10002-32q:-:::::::*
169	cpe:2.3:h:juniper:qfx10002-60c:-:::::::*
170	cpe:2.3:h:juniper:qfx10002-72q:-:::::::*
171	cpe:2.3:h:juniper:qfx10008:-:::::::*
172	cpe:2.3:h:juniper:qfx10016:-:::::::*
173	cpe:2.3:h:juniper:qfx3000-g:-:::::::*
174	cpe:2.3:h:juniper:qfx3000-m:-:::::::*
175	cpe:2.3:h:juniper:qfx3008-i:-:::::::*
176	cpe:2.3:h:juniper:qfx3100:-:::::::*
177	cpe:2.3:h:juniper:qfx3500:-:::::::*
178	cpe:2.3:h:juniper:qfx3600:-:::::::*
179	cpe:2.3:h:juniper:qfx3600-i:-:::::::*
180	cpe:2.3:h:juniper:qfx5100:-:::::::*
181	cpe:2.3:h:juniper:qfx5100-96s:-:::::::*
182	cpe:2.3:h:juniper:qfx5110:-:::::::*
183	cpe:2.3:h:juniper:qfx5120:-:::::::*
184	cpe:2.3:h:juniper:qfx5130:-:::::::*
185	cpe:2.3:h:juniper:qfx5200:-:::::::*
186	cpe:2.3:h:juniper:qfx5200-32c:-:::::::*
187	cpe:2.3:h:juniper:qfx5200-48y:-:::::::*
188	cpe:2.3:h:juniper:qfx5210:-:::::::*
189	cpe:2.3:h:juniper:qfx5210-64c:-:::::::*
190	cpe:2.3:h:juniper:qfx5220:-:::::::*
191	cpe:2.3:h:juniper:router_m10:-:::::::*
192	cpe:2.3:h:juniper:router_m16:-:::::::*
193	cpe:2.3:h:juniper:router_m20:-:::::::*
194	cpe:2.3:h:juniper:router_m40:-:::::::*
195	cpe:2.3:h:juniper:router_m5:-:::::::*
196	cpe:2.3:h:juniper:secure_access_2000:-:::::::*
197	cpe:2.3:h:juniper:secure_access_2500:-:::::::*
198	cpe:2.3:h:juniper:secure_access_4000:-:::::::*
199	cpe:2.3:h:juniper:secure_access_4500:-:::::::*
200	cpe:2.3:h:juniper:secure_access_6000:-:::::::*
201	cpe:2.3:h:juniper:secure_access_6500:-:::::::*
202	cpe:2.3:h:juniper:secure_access_700:-:::::::*
203	cpe:2.3:h:juniper:t1600:-:::::::*
204	cpe:2.3:h:juniper:t320:-:::::::*
205	cpe:2.3:h:juniper:t4000:-:::::::*
206	cpe:2.3:h:juniper:t640:-:::::::*
207	cpe:2.3:h:juniper:xre200:-:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:juniper:junos:18.4:r1::::::
cpe:2.3:o:juniper:junos:18.4:-::::::
cpe:2.3:o:juniper:junos:18.4:r1-s1::::::
cpe:2.3:o:juniper:junos:18.4:r1-s3::::::
cpe:2.3:o:juniper:junos:18.4:r1-s4::::::
cpe:2.3:o:juniper:junos:18.4:r1-s2::::::
cpe:2.3:o:juniper:junos:18.4:r2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s6::::::
cpe:2.3:o:juniper:junos:18.4:r3-s2::::::
cpe:2.3:o:juniper:junos:18.4:r3-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s4::::::
cpe:2.3:o:juniper:junos:18.4:r3::::::
cpe:2.3:o:juniper:junos:18.4:r2-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s4::::::
cpe:2.3:o:juniper:junos:18.4:r2-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s6::::::
cpe:2.3:o:juniper:junos:18.4:r1-s7::::::
cpe:2.3:o:juniper:junos:18.4:r3-s5::::::
cpe:2.3:o:juniper:junos:18.4:r3-s6::::::
cpe:2.3:o:juniper:junos:18.4:r3-s7::::::
cpe:2.3:o:juniper:junos:18.4:r2-s7::::::
cpe:2.3:o:juniper:junos:18.4:r2-s8::::::
cpe:2.3:o:juniper:junos:18.4:r3-s8::::::
cpe:2.3:o:juniper:junos:19.4:r3-s2::::::
cpe:2.3:o:juniper:junos:19.4:r3-s3::::::
cpe:2.3:o:juniper:junos:19.4:r3-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
cpe:2.3:o:juniper:junos:19.4:r3::::::
cpe:2.3:o:juniper:junos:19.4:r2::::::
cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s1::::::
cpe:2.3:o:juniper:junos:20.1:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s2::::::
cpe:2.3:o:juniper:junos:20.1:r1-s3::::::
cpe:2.3:o:juniper:junos:20.1:r1-s4::::::
cpe:2.3:o:juniper:junos:20.1:r2::::::
cpe:2.3:o:juniper:junos:20.1:r2-s1::::::
cpe:2.3:o:juniper:junos:20.2:r2-s3::::::
cpe:2.3:o:juniper:junos:20.2:r3::::::
cpe:2.3:o:juniper:junos:20.2:r3-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
cpe:2.3:o:juniper:junos:20.2:r2::::::
cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
cpe:2.3:o:juniper:junos:20.2:r1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
cpe:2.3:o:juniper:junos:20.3:r1-s1::::::
cpe:2.3:o:juniper:junos:20.3:r1::::::
cpe:2.3:o:juniper:junos:20.3:r2::::::
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
cpe:2.3:o:juniper:junos:20.4:r1::::::
cpe:2.3:o:juniper:junos:21.1:r1-s1::::::
execution environment
1	cpe:2.3:h:juniper:srx100:-:::::::*
2	cpe:2.3:h:juniper:srx110:-:::::::*
3	cpe:2.3:h:juniper:srx1400:-:::::::*
4	cpe:2.3:h:juniper:srx1500:-:::::::*
5	cpe:2.3:h:juniper:srx210:-:::::::*
6	cpe:2.3:h:juniper:srx220:-:::::::*
7	cpe:2.3:h:juniper:srx240:-:::::::*
8	cpe:2.3:h:juniper:srx240h2:-:::::::*
9	cpe:2.3:h:juniper:srx300:-:::::::*
10	cpe:2.3:h:juniper:srx320:-:::::::*
11	cpe:2.3:h:juniper:srx340:-:::::::*
12	cpe:2.3:h:juniper:srx3400:-:::::::*
13	cpe:2.3:h:juniper:srx345:-:::::::*
14	cpe:2.3:h:juniper:srx3600:-:::::::*
15	cpe:2.3:h:juniper:srx380:-:::::::*
16	cpe:2.3:h:juniper:srx4000:-:::::::*
17	cpe:2.3:h:juniper:srx4100:-:::::::*
18	cpe:2.3:h:juniper:srx4200:-:::::::*
19	cpe:2.3:h:juniper:srx4600:-:::::::*
20	cpe:2.3:h:juniper:srx5000:-:::::::*
21	cpe:2.3:h:juniper:srx5400:-:::::::*
22	cpe:2.3:h:juniper:srx550:-:::::::*
23	cpe:2.3:h:juniper:srx550_hm:-:::::::*
24	cpe:2.3:h:juniper:srx550m:-:::::::*
25	cpe:2.3:h:juniper:srx5600:-:::::::*
26	cpe:2.3:h:juniper:srx5800:-:::::::*
27	cpe:2.3:h:juniper:srx650:-:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	https://kb.juniper.net/JSA11191		Vendor Advisory
2	https://kb.juniper.net/JSA11191		Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-367	Time-of-check Time-of-use (TOCTOU) 競合状態	https://cwe.mitre.org/data/definitions/367.html

JVN Vulnerability Information

Juniper Networks Junos OS における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性

Title	Juniper Networks Junos OS における Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性
Summary	Juniper Networks Junos OS には、Time-of-check Time-of-use (TOCTOU) 競合状態の脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 14, 2021, midnight
Registration Date	April 15, 2022, 2:13 p.m.
Last Update	April 15, 2022, 2:13 p.m.

Affected System

ジュニパーネットワークス

Junos OS

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-0289	https://www.cve.org/CVERecord?id=CVE-2021-0289
National Vulnerability Database (NVD)
2	CVE-2021-0289	https://nvd.nist.gov/vuln/detail/CVE-2021-0289

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-367	https://cwe.mitre.org/data/definitions/367.html

ベンダー情報

No	Name	URL
Security Bulletin
1	JSA11191	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11191&actp=METADATA

Change Log

No	Changed Details	Date of change
1	[2022年03月30日] 掲載	March 30, 2022, 10:41 a.m.

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:juniper:junos:18.4:r1::::::
cpe:2.3:o:juniper:junos:18.4:-::::::
cpe:2.3:o:juniper:junos:18.4:r1-s1::::::
cpe:2.3:o:juniper:junos:18.4:r1-s3::::::
cpe:2.3:o:juniper:junos:18.4:r1-s4::::::
cpe:2.3:o:juniper:junos:18.4:r1-s2::::::
cpe:2.3:o:juniper:junos:18.4:r2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s2::::::
cpe:2.3:o:juniper:junos:18.4:r1-s6::::::
cpe:2.3:o:juniper:junos:18.4:r3-s2::::::
cpe:2.3:o:juniper:junos:18.4:r3-s1::::::
cpe:2.3:o:juniper:junos:18.4:r2-s4::::::
cpe:2.3:o:juniper:junos:18.4:r3::::::
cpe:2.3:o:juniper:junos:18.4:r2-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s3::::::
cpe:2.3:o:juniper:junos:18.4:r3-s4::::::
cpe:2.3:o:juniper:junos:18.4:r2-s5::::::
cpe:2.3:o:juniper:junos:18.4:r2-s6::::::
cpe:2.3:o:juniper:junos:18.4:r1-s7::::::
cpe:2.3:o:juniper:junos:18.4:r3-s5::::::
cpe:2.3:o:juniper:junos:18.4:r3-s6::::::
cpe:2.3:o:juniper:junos:18.4:r3-s7::::::
cpe:2.3:o:juniper:junos:18.4:r2-s7::::::
cpe:2.3:o:juniper:junos:18.4:r2-s8::::::
cpe:2.3:o:juniper:junos:18.4:r3-s8::::::
cpe:2.3:o:juniper:junos:19.4:r3-s2::::::
cpe:2.3:o:juniper:junos:19.4:r3-s3::::::
cpe:2.3:o:juniper:junos:19.4:r3-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
cpe:2.3:o:juniper:junos:19.4:r3::::::
cpe:2.3:o:juniper:junos:19.4:r2::::::
cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
cpe:2.3:o:juniper:junos:19.4:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s1::::::
cpe:2.3:o:juniper:junos:20.1:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s2::::::
cpe:2.3:o:juniper:junos:20.1:r1-s3::::::
cpe:2.3:o:juniper:junos:20.1:r1-s4::::::
cpe:2.3:o:juniper:junos:20.1:r2::::::
cpe:2.3:o:juniper:junos:20.1:r2-s1::::::
cpe:2.3:o:juniper:junos:20.2:r2-s3::::::
cpe:2.3:o:juniper:junos:20.2:r3::::::
cpe:2.3:o:juniper:junos:20.2:r3-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
cpe:2.3:o:juniper:junos:20.2:r2::::::
cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
cpe:2.3:o:juniper:junos:20.2:r1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
cpe:2.3:o:juniper:junos:20.3:r1-s1::::::
cpe:2.3:o:juniper:junos:20.3:r1::::::
cpe:2.3:o:juniper:junos:20.3:r2::::::
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
cpe:2.3:o:juniper:junos:20.4:r1::::::
cpe:2.3:o:juniper:junos:21.1:r1-s1::::::
execution environment
1	cpe:2.3:h:juniper:srx100:-:::::::*
2	cpe:2.3:h:juniper:srx110:-:::::::*
3	cpe:2.3:h:juniper:srx1400:-:::::::*
4	cpe:2.3:h:juniper:srx1500:-:::::::*
5	cpe:2.3:h:juniper:srx210:-:::::::*
6	cpe:2.3:h:juniper:srx220:-:::::::*
7	cpe:2.3:h:juniper:srx240:-:::::::*
8	cpe:2.3:h:juniper:srx240h2:-:::::::*
9	cpe:2.3:h:juniper:srx300:-:::::::*
10	cpe:2.3:h:juniper:srx320:-:::::::*
11	cpe:2.3:h:juniper:srx340:-:::::::*
12	cpe:2.3:h:juniper:srx3400:-:::::::*
13	cpe:2.3:h:juniper:srx345:-:::::::*
14	cpe:2.3:h:juniper:srx3600:-:::::::*
15	cpe:2.3:h:juniper:srx380:-:::::::*
16	cpe:2.3:h:juniper:srx4000:-:::::::*
17	cpe:2.3:h:juniper:srx4100:-:::::::*
18	cpe:2.3:h:juniper:srx4200:-:::::::*
19	cpe:2.3:h:juniper:srx4600:-:::::::*
20	cpe:2.3:h:juniper:srx5000:-:::::::*
21	cpe:2.3:h:juniper:srx5400:-:::::::*
22	cpe:2.3:h:juniper:srx550:-:::::::*
23	cpe:2.3:h:juniper:srx550_hm:-:::::::*
24	cpe:2.3:h:juniper:srx550m:-:::::::*
25	cpe:2.3:h:juniper:srx5600:-:::::::*
26	cpe:2.3:h:juniper:srx5800:-:::::::*
27	cpe:2.3:h:juniper:srx650:-:::::::*