{"containers":{"cna":{"affected":[{"product":"SBR Carrier","vendor":"Juniper Networks","versions":[{"lessThan":"8.4.1R19","status":"affected","version":"8.4.1","versionType":"custom"},{"lessThan":"8.5.0R10","status":"affected","version":"8.5.0","versionType":"custom"},{"lessThan":"8.6.0R4","status":"affected","version":"8.6.0","versionType":"custom"}]}],"configurations":[{"lang":"en","value":"This issue affects SBR Carrier with EAP authentication configured, only when using Enhanced EAP Logging and a TraceLevel setting of 2.\n\n  <SBR_Installed_Directory>/JNPRsbr/radius/radius.ini\n  [Logging]\n  LogLevel=2\n  TraceLevel=2\n  EnhancedEAPLogging = yes"}],"datePublic":"2021-07-14T00:00:00.000Z","descriptions":[{"lang":"en","value":"A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured allows an attacker to crash the radius daemon by sending specific packets, resulting in a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending these specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). 
This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4."}],"exploits":[{"lang":"en","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-121","description":"CWE-121 Stack-based Buffer Overflow","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-07-15T20:00:45.000Z","orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://kb.juniper.net/JSA11180"}],"solutions":[{"lang":"en","value":"The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases."}],"source":{"advisory":"JSA11180","defect":["1465201"],"discovery":"USER"},"title":"Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.","workarounds":[{"lang":"en","value":"There are no viable workarounds for this issue."}],"x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"sirt@juniper.net","DATE_PUBLIC":"2021-07-14T16:00:00.000Z","ID":"CVE-2021-0276","STATE":"PUBLIC","TITLE":"Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured."},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"SBR 
Carrier","version":{"version_data":[{"version_affected":"<","version_name":"8.4.1","version_value":"8.4.1R19"},{"version_affected":"<","version_name":"8.5.0","version_value":"8.5.0R10"},{"version_affected":"<","version_name":"8.6.0","version_value":"8.6.0R4"}]}}]},"vendor_name":"Juniper Networks"}]}},"configuration":[{"lang":"en","value":"This issue affects SBR Carrier with EAP authentication configured, only when using Enhanced EAP Logging and a TraceLevel setting of 2.\n\n  <SBR_Installed_Directory>/JNPRsbr/radius/radius.ini\n  [Logging]\n  LogLevel=2\n  TraceLevel=2\n  EnhancedEAPLogging = yes"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured allows an attacker to crash the radius daemon by sending specific packets, resulting in a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending these specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). 
This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4."}]},"exploit":[{"lang":"en","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-121 Stack-based Buffer Overflow"}]}]},"references":{"reference_data":[{"name":"https://kb.juniper.net/JSA11180","refsource":"CONFIRM","url":"https://kb.juniper.net/JSA11180"}]},"solution":[{"lang":"en","value":"The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases."}],"source":{"advisory":"JSA11180","defect":["1465201"],"discovery":"USER"},"work_around":[{"lang":"en","value":"There are no viable workarounds for this issue."}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:32:10.546Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.juniper.net/JSA11180"}]}]},"cveMetadata":{"assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","assignerShortName":"juniper","cveId":"CVE-2021-0276","datePublished":"2021-07-15T20:00:45.706Z","dateReserved":"2020-10-27T00:00:00.000Z","dateUpdated":"2024-09-16T19:00:01.867Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}