CVE-2021-0203 : Security Advisory and Response

This article provides details about the CVE-2021-0203 vulnerability in Juniper Networks EX and QFX5K Series platforms related to Storm Control configurations.

Understanding CVE-2021-0203

This CVE affects Junos OS versions prior to 20.2R1 on the mentioned platforms when Redundant Trunk Group is configured.

What is CVE-2021-0203?

The vulnerability arises when the Storm Control profile, used to monitor and drop traffic levels, fails to work as intended on RTG interfaces of affected platforms.

The Impact of CVE-2021-0203

The vulnerability leads to Storm Control not effectively preventing packet proliferation under threshold conditions, impacting LAN performance.

Technical Details of CVE-2021-0203

The issue affects Junos OS on EX and QFX5K Series platforms and can pose a high severity threat based on the CVSS v3.1 score.

Vulnerability Description

Juniper SIRT has not detected any malicious exploitation of this vulnerability, but affected platforms should apply the provided solutions promptly.

Affected Systems and Versions

The vulnerability affects Junos OS versions up to 20.1R2 on EX and QFX5K Series platforms with specific configurations.

Exploitation Mechanism

Exploitation details or known methods are not disclosed in public domain for CVE-2021-0203.

Mitigation and Prevention

Here's what you need to do to secure your systems against CVE-2021-0203.

Immediate Steps to Take

Ensure you apply the recommended software releases mentioned in the solution section to resolve the vulnerability.

Long-Term Security Practices

Regularly update your Junos OS to the latest recommended versions and configurations to mitigate potential risks.

Patching and Updates

Use the provided software releases to address the Storm Control issue, ensuring the security of Redundant Trunk Group configurations.