CWE-754
Allowed-with-ReviewImproper Check for Unusual or Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
905 vulnerabilities reference this CWE, most recent first.
CVE-2021-39162 (GCVE-0-2021-39162)
Vulnerability from cvelistv5 – Published: 2021-09-09 22:05 – Updated: 2024-08-04 01:58- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://groups.google.com/g/envoy-announce/c/5xBp… | x_refsource_MISC |
| https://github.com/pomerium/pomerium/security/adv… | x_refsource_CONFIRM |
| https://github.com/envoyproxy/envoy/security/advi… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:58:18.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-gjcg-vrxg-xmgv"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "pomerium",
"vendor": "pomerium",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.15.0, \u003c 0.15.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lead to a DoS in the presence of untrusted *upstream* servers. 0.15.1 contains an upgraded envoy binary with this vulnerability patched. If only trusted upstreams are configured, there is not substantial risk of this condition being triggered."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-09T22:05:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-gjcg-vrxg-xmgv"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
],
"source": {
"advisory": "GHSA-gjcg-vrxg-xmgv",
"discovery": "UNKNOWN"
},
"title": "Incorrect handling of H2 GOAWAY + SETTINGS frames",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-39162",
"STATE": "PUBLIC",
"TITLE": "Incorrect handling of H2 GOAWAY + SETTINGS frames"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "pomerium",
"version": {
"version_data": [
{
"version_value": "\u003e= 0.15.0, \u003c 0.15.1"
}
]
}
}
]
},
"vendor_name": "pomerium"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lead to a DoS in the presence of untrusted *upstream* servers. 0.15.1 contains an upgraded envoy binary with this vulnerability patched. If only trusted upstreams are configured, there is not substantial risk of this condition being triggered."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ",
"refsource": "MISC",
"url": "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ"
},
{
"name": "https://github.com/pomerium/pomerium/security/advisories/GHSA-gjcg-vrxg-xmgv",
"refsource": "CONFIRM",
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-gjcg-vrxg-xmgv"
},
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8",
"refsource": "MISC",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
]
},
"source": {
"advisory": "GHSA-gjcg-vrxg-xmgv",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-39162",
"datePublished": "2021-09-09T22:05:11.000Z",
"dateReserved": "2021-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:58:18.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37862 (GCVE-0-2021-37862)
Vulnerability from cvelistv5 – Published: 2021-12-17 16:10 – Updated: 2024-08-04 01:30- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://mattermost.com/security-updates/ | x_refsource_MISC |
| https://hackerone.com/reports/1357013 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Mattermost | Mattermost |
Affected:
unspecified , ≤ 6.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:30:09.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mattermost.com/security-updates/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1357013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "6.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T16:10:29.000Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mattermost.com/security-updates/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1357013"
}
],
"source": {
"advisory": "MMSA-2021-0074",
"defect": [
"https://mattermost.atlassian.net/browse/MM-39205"
],
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "responsibledisclosure@mattermost.com",
"ID": "CVE-2021-37862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Mattermost",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "6.0"
}
]
}
}
]
},
"vendor_name": "Mattermost"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mattermost 6.0 and earlier fails to sufficiently validate the email address during registration, which allows attackers to trick users into signing up using attacker-controlled email addresses via crafted invitation token."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mattermost.com/security-updates/",
"refsource": "MISC",
"url": "https://mattermost.com/security-updates/"
},
{
"name": "https://hackerone.com/reports/1357013",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1357013"
}
]
},
"source": {
"advisory": "MMSA-2021-0074",
"defect": [
"https://mattermost.atlassian.net/browse/MM-39205"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2021-37862",
"datePublished": "2021-12-17T16:10:29.000Z",
"dateReserved": "2021-08-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:30:09.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33605 (GCVE-0-2021-33605)
Vulnerability from cvelistv5 – Published: 2021-08-25 12:12 – Updated: 2024-09-17 02:53- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://vaadin.com/security/cve-2021-33605 | x_refsource_CONFIRM |
| https://github.com/vaadin/flow-components/pull/1903 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Vaadin | Vaadin |
Affected:
12.0.0 , < unspecified
(custom)
Affected: unspecified , < 14.0.0 (custom) Affected: 14.0.0 , < unspecified (custom) Affected: unspecified , < 14.5.0 (custom) Affected: 15.0.0 , < unspecified (custom) Affected: unspecified , ≤ 17.0.11 (custom) Affected: 14.5.0 , < unspecified (custom) Affected: unspecified , ≤ 14.6.7 (custom) Affected: 18.0.0 , < unspecified (custom) Affected: unspecified , ≤ 20.0.5 (custom) |
|
| Vaadin | vaadin-checkbox-flow |
Affected:
1.2.0 , < unspecified
(custom)
Affected: unspecified , < 2.0.0 (custom) Affected: 2.0.0 , < unspecified (custom) Affected: unspecified , < 3.0.0 (custom) Affected: 3.0.0 , < unspecified (custom) Affected: unspecified , ≤ 4.0.1 (custom) Affected: 14.5.0 , < unspecified (custom) Affected: unspecified , ≤ 14.6.7 (custom) Affected: 18.0.0 , < unspecified (custom) Affected: unspecified , ≤ 20.0.5 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:43.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://vaadin.com/security/cve-2021-33605"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vaadin/flow-components/pull/1903"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Vaadin",
"vendor": "Vaadin",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "12.0.0",
"versionType": "custom"
},
{
"lessThan": "14.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
},
{
"lessThan": "14.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "17.0.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "14.5.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "14.6.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "18.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "vaadin-checkbox-flow",
"vendor": "Vaadin",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
},
{
"lessThan": "2.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "3.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "14.5.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "14.6.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "affected",
"version": "18.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "20.0.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper check in CheckboxGroup in com.vaadin:vaadin-checkbox-flow versions 1.2.0 prior to 2.0.0 (Vaadin 12.0.0 prior to 14.0.0), 2.0.0 prior to 3.0.0 (Vaadin 14.0.0 prior to 14.5.0), 3.0.0 through 4.0.1 (Vaadin 15.0.0 through 17.0.11), 14.5.0 through 14.6.7 (Vaadin 14.5.0 through 14.6.7), and 18.0.0 through 20.0.5 (Vaadin 18.0.0 through 20.0.5) allows attackers to modify the value of a disabled Checkbox inside enabled CheckboxGroup component via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-25T12:12:41.000Z",
"orgId": "9e0f3122-90e9-42d5-93de-8c6b98deef7e",
"shortName": "Vaadin"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://vaadin.com/security/cve-2021-33605"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vaadin/flow-components/pull/1903"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vaadin.com",
"DATE_PUBLIC": "2021-08-25T11:46:00.000Z",
"ID": "CVE-2021-33605",
"STATE": "PUBLIC",
"TITLE": "Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Vaadin",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "12.0.0"
},
{
"version_affected": "\u003c",
"version_value": "14.0.0"
},
{
"version_affected": "\u003e=",
"version_value": "14.0.0"
},
{
"version_affected": "\u003c",
"version_value": "14.5.0"
},
{
"version_affected": "\u003e=",
"version_value": "15.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "17.0.11"
},
{
"version_affected": "\u003e=",
"version_value": "14.5.0"
},
{
"version_affected": "\u003c=",
"version_value": "14.6.7"
},
{
"version_affected": "\u003e=",
"version_value": "18.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "20.0.5"
}
]
}
},
{
"product_name": "vaadin-checkbox-flow",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "1.2.0"
},
{
"version_affected": "\u003c",
"version_value": "2.0.0"
},
{
"version_affected": "\u003e=",
"version_value": "2.0.0"
},
{
"version_affected": "\u003c",
"version_value": "3.0.0"
},
{
"version_affected": "\u003e=",
"version_value": "3.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "4.0.1"
},
{
"version_affected": "\u003e=",
"version_value": "14.5.0"
},
{
"version_affected": "\u003c=",
"version_value": "14.6.7"
},
{
"version_affected": "\u003e=",
"version_value": "18.0.0"
},
{
"version_affected": "\u003c=",
"version_value": "20.0.5"
}
]
}
}
]
},
"vendor_name": "Vaadin"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper check in CheckboxGroup in com.vaadin:vaadin-checkbox-flow versions 1.2.0 prior to 2.0.0 (Vaadin 12.0.0 prior to 14.0.0), 2.0.0 prior to 3.0.0 (Vaadin 14.0.0 prior to 14.5.0), 3.0.0 through 4.0.1 (Vaadin 15.0.0 through 17.0.11), 14.5.0 through 14.6.7 (Vaadin 14.5.0 through 14.6.7), and 18.0.0 through 20.0.5 (Vaadin 18.0.0 through 20.0.5) allows attackers to modify the value of a disabled Checkbox inside enabled CheckboxGroup component via unspecified vectors."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vaadin.com/security/cve-2021-33605",
"refsource": "CONFIRM",
"url": "https://vaadin.com/security/cve-2021-33605"
},
{
"name": "https://github.com/vaadin/flow-components/pull/1903",
"refsource": "CONFIRM",
"url": "https://github.com/vaadin/flow-components/pull/1903"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9e0f3122-90e9-42d5-93de-8c6b98deef7e",
"assignerShortName": "Vaadin",
"cveId": "CVE-2021-33605",
"datePublished": "2021-08-25T12:12:41.760Z",
"dateReserved": "2021-05-27T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:53:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32946 (GCVE-0-2021-32946)
Vulnerability from cvelistv5 – Published: 2021-06-17 11:56 – Updated: 2024-08-03 23:33- CWE-754 - IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754
| URL | Tags |
|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Drawings SDK |
Affected:
Version 2022.4 and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:55.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938030.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-983/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-985/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Drawings SDK",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Version 2022.4 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-08T14:06:31.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938030.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-983/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-985/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-32946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Drawings SDK",
"version": {
"version_data": [
{
"version_value": "Version 2022.4 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-02"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-938030.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-938030.pdf"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-983/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-983/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-985/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-985/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-155599.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-32946",
"datePublished": "2021-06-17T11:56:39.000Z",
"dateReserved": "2021-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:55.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32780 (GCVE-0-2021-32780)
Vulnerability from cvelistv5 – Published: 2021-08-24 20:55 – Updated: 2024-08-03 23:33- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://www.envoyproxy.io/docs/envoy/v1.19.0/vers… | x_refsource_MISC |
| https://github.com/envoyproxy/envoy/security/advi… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| envoyproxy | envoy |
Affected:
>= 1.19.0, < 1.19.1
Affected: >= 1.18.0, < 1.18.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:33:56.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "envoy",
"vendor": "envoyproxy",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.19.0, \u003c 1.19.1"
},
{
"status": "affected",
"version": "\u003e= 1.18.0, \u003c 1.18.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to DRAINING when it receives a SETTING frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. Receiving these two frames in the same I/O event results in abnormal termination of the Envoy process due to invalid state transition from CLOSED to DRAINING. A sequence of H/2 frames delivered by an untrusted upstream server will result in Denial of Service in the presence of untrusted **upstream** servers. Envoy versions 1.19.1, 1.18.4 contain fixes to stop processing of pending H/2 frames after connection transition to the CLOSED state."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T20:55:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
],
"source": {
"advisory": "GHSA-j374-mjrw-vvp8",
"discovery": "UNKNOWN"
},
"title": "Incorrect handling of H/2 GOAWAY followed by SETTINGS frames",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-32780",
"STATE": "PUBLIC",
"TITLE": "Incorrect handling of H/2 GOAWAY followed by SETTINGS frames"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "envoy",
"version": {
"version_data": [
{
"version_value": "\u003e= 1.19.0, \u003c 1.19.1"
},
{
"version_value": "\u003e= 1.18.0, \u003c 1.18.4"
}
]
}
}
]
},
"vendor_name": "envoyproxy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to DRAINING when it receives a SETTING frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. Receiving these two frames in the same I/O event results in abnormal termination of the Envoy process due to invalid state transition from CLOSED to DRAINING. A sequence of H/2 frames delivered by an untrusted upstream server will result in Denial of Service in the presence of untrusted **upstream** servers. Envoy versions 1.19.1, 1.18.4 contain fixes to stop processing of pending H/2 frames after connection transition to the CLOSED state."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
"refsource": "MISC",
"url": "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history"
},
{
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8",
"refsource": "CONFIRM",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8"
}
]
},
"source": {
"advisory": "GHSA-j374-mjrw-vvp8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-32780",
"datePublished": "2021-08-24T20:55:10.000Z",
"dateReserved": "2021-05-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:33:56.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31364 (GCVE-0-2021-31364)
Vulnerability from cvelistv5 – Published: 2021-10-19 18:16 – Updated: 2024-09-17 01:56| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA11226 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
unspecified , < 17.4R3-S5
(custom)
Affected: 18.3 , < 18.3R3-S5 (custom) Affected: 18.4 , < 18.4R3-S9 (custom) Affected: 19.1 , < 19.1R3-S6 (custom) Affected: 19.2 , < 19.2R1-S7, 19.2R3-S2 (custom) Affected: 19.3 , < 19.3R2-S6, 19.3R3-S2 (custom) Affected: 19.4 , < 19.4R1-S4, 19.4R3-S3 (custom) Affected: 20.1 , < 20.1R2-S2, 20.1R3 (custom) Affected: 20.2 , < 20.2R3 (custom) Affected: 20.3 , < 20.3R2-S1, 20.3R3 (custom) Affected: 20.4 , < 20.4R2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11226"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.4R3-S5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S5",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R3-S6",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S7, 19.2R3-S2",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S2",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R1-S4, 19.4R3-S3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2-S2, 20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R2-S1, 20.3R3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R2",
"status": "affected",
"version": "20.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue can only occur when logging for session-close is configured similar to the following example:\n\n [security policies from-zone untrust to-zone trust policy policy_name then log session-close]"
}
],
"datePublic": "2021-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS). Continued receipt and processing of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue can only occur when specific packets are trying to create the same session and logging for session-close is configured as a policy action. Affected platforms are: SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2. Not affected platforms are: SRX4000 Series, SRX5000 Series with SPC3, and vSRX Series. This issue affects Juniper Networks Junos OS SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2: All versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T18:16:52.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11226"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11226",
"defect": [
"1571354"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received",
"workarounds": [
{
"lang": "en",
"value": "Please remove the session-close log action from the policy actions of all policies."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31364",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_value": "17.4R3-S5"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S2"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue can only occur when logging for session-close is configured similar to the following example:\n\n [security policies from-zone untrust to-zone trust policy policy_name then log session-close]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS). Continued receipt and processing of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue can only occur when specific packets are trying to create the same session and logging for session-close is configured as a policy action. Affected platforms are: SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2. Not affected platforms are: SRX4000 Series, SRX5000 Series with SPC3, and vSRX Series. This issue affects Juniper Networks Junos OS SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2: All versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11226",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11226"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11226",
"defect": [
"1571354"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "Please remove the session-close log action from the policy actions of all policies."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-31364",
"datePublished": "2021-10-19T18:16:52.279Z",
"dateReserved": "2021-04-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:56:30.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31361 (GCVE-0-2021-31361)
Vulnerability from cvelistv5 – Published: 2021-10-19 18:16 – Updated: 2024-09-17 03:44| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA11223 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
unspecified , < 17.3R3-S11
(custom)
Affected: 17.4 , < 17.4R2-S13, 17.4R3-S4 (custom) Affected: 18.1 , < 18.1R3-S12 (custom) Affected: 18.2 , < 18.2R2-S8, 18.2R3-S7 (custom) Affected: 18.3 , < 18.3R3-S4 (custom) Affected: 18.4 , < 18.4R1-S8, 18.4R2-S7, 18.4R3-S7 (custom) Affected: 19.1 , < 19.1R1-S6, 19.1R2-S2, 19.1R3-S4 (custom) Affected: 19.2 , < 19.2R1-S6, 19.2R3-S2 (custom) Affected: 19.3 , < 19.3R3-S1 (custom) Affected: 19.4 , < 19.4R2-S3, 19.4R3-S1 (custom) Affected: 20.1 , < 20.1R2, 20.1R3 (custom) Affected: 20.2 , < 20.2R2, 20.2R3 (custom) Affected: 20.3 , < 20.3R1-S1, 20.3R2 (custom) |
|
| Juniper Networks | Junos OS |
Affected:
unspecified , < 18.4R3-S9
(custom)
Affected: 19.1 , < 19.1R3-S6 (custom) Affected: 19.2 , < 19.2R1-S7, 19.2R3-S3 (custom) Affected: 19.3 , < 19.3R2-S6, 19.3R3-S3 (custom) Affected: 19.4 , < 19.4R1-S4, 19.4R3-S5 (custom) Affected: 20.1 , < 20.1R2-S2, 20.1R3 (custom) Affected: 20.2 , < 20.2R3-S1 (custom) Affected: 20.3 , < 20.3R2-S1, 20.3R3 (custom) Affected: 20.4 , < 20.4R2-S1, 20.4R3 (custom) Affected: 21.1 , < 21.1R1-S1, 21.1R2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11223"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"QFX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.3R3-S11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S13, 17.4R3-S4",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S12",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R2-S8, 18.2R3-S7",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S4",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R1-S6, 19.1R2-S2, 19.1R3-S4",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S6, 19.2R3-S2",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S1",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R2-S3, 19.4R3-S1",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2, 20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R2, 20.2R3",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R1-S1, 20.3R2",
"status": "affected",
"version": "20.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"PTX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "18.4R3-S9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "19.1R3-S6",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S7, 19.2R3-S3",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S3",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R1-S4, 19.4R3-S5",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2-S2, 20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S1",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R2-S1, 20.3R3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R2-S1, 20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R1-S1, 21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "An minimal example VXLAN configuration affected would be:\n\n set bridge-domains vlan-20 vxlan vni 10\n set bridge-domains vlan-20 vlan-id 10\n set bridge-domains vlan-20 interface xe-1/0/1.0\n set interfaces xe-1/0/1 vlan-tagging\n set interfaces xe-1/0/1 encapsulation flexible-ethernet-services\n set interfaces xe-1/0/1 unit 0 encapsulation vlan-bridge\n set interfaces xe-1/0/1 unit 0 vlan-id 10"
}
],
"datePublic": "2021-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS). Continued receipted of these specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on QFX Series: All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS on PTX Series: All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T18:16:47.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11223"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue for QFX Series: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R1-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S3, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n\nThe following software releases have been updated to resolve this specific issue for PTX Series: 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11223",
"defect": [
"1490063",
"1584197"
],
"discovery": "USER"
},
"title": "Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31361",
"STATE": "PUBLIC",
"TITLE": "Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_value": "17.3R3-S11"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S13, 17.4R3-S4"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S12"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R2-S8, 18.2R3-S7"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R1-S6, 19.1R2-S2, 19.1R3-S4"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S6, 19.2R3-S2"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R3-S1"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R2-S3, 19.4R3-S1"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2, 20.1R3"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R2, 20.2R3"
},
{
"platform": "QFX Series",
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R1-S1, 20.3R2"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_value": "18.4R3-S9"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S5"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "PTX Series",
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "An minimal example VXLAN configuration affected would be:\n\n set bridge-domains vlan-20 vxlan vni 10\n set bridge-domains vlan-20 vlan-id 10\n set bridge-domains vlan-20 interface xe-1/0/1.0\n set interfaces xe-1/0/1 vlan-tagging\n set interfaces xe-1/0/1 encapsulation flexible-ethernet-services\n set interfaces xe-1/0/1 unit 0 encapsulation vlan-bridge\n set interfaces xe-1/0/1 unit 0 vlan-id 10"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS). Continued receipted of these specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on QFX Series: All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. Juniper Networks Junos OS on PTX Series: All versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11223",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11223"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue for QFX Series: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R1-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S3, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n\nThe following software releases have been updated to resolve this specific issue for PTX Series: 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11223",
"defect": [
"1490063",
"1584197"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-31361",
"datePublished": "2021-10-19T18:16:47.475Z",
"dateReserved": "2021-04-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:44:15.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31351 (GCVE-0-2021-31351)
Vulnerability from cvelistv5 – Published: 2021-10-19 18:16 – Updated: 2024-09-17 01:26- CWE-754 - Improper Check for Unusual or Exceptional Conditions
- Denial of Service (DoS)
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA11216 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Unaffected:
unspecified , < 15.1
(custom)
Unaffected: 17.3 , < 17.3R3-S11 (custom) Unaffected: 17.4R3 , < 17.4* (custom) |
|
| Juniper Networks | Junos OS |
Affected:
17.3R3-S11
Affected: 18.1R3-S12 Affected: 18.3R3-S4 Affected: 18.4R3-S7 Affected: 19.1R3-S4, 19.1R3-S5 Affected: 19.2R1-S6 Affected: 19.3R3-S2 Affected: 19.4R3-S2 Affected: 20.1R2-S1 Affected: 20.2R3 Affected: 20.3R2 Affected: 17.4R2-S13 , < 17.4* (custom) Affected: 18.2R2-S8, 18.2R3-S7 , < 18.2* (custom) Affected: 18.4R1-S8, 18.4R2-S7 , < 18.4* (custom) Affected: 19.4R2-S4 , < 19.4* (custom) Affected: 20.2R2-S2 , < 20.2* (custom) Affected: 20.3R1-S2 , < 20.3* (custom) Affected: 20.4 , < 20.4R2-S1, 20.4R3 (custom) Affected: 21.1 , < 21.1R1-S1, 21.1R2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11216"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S11",
"status": "unaffected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4*",
"status": "unaffected",
"version": "17.4R3",
"versionType": "custom"
}
]
},
{
"platforms": [
"MX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "17.3R3-S11"
},
{
"status": "affected",
"version": "18.1R3-S12"
},
{
"status": "affected",
"version": "18.3R3-S4"
},
{
"status": "affected",
"version": "18.4R3-S7"
},
{
"status": "affected",
"version": "19.1R3-S4, 19.1R3-S5"
},
{
"status": "affected",
"version": "19.2R1-S6"
},
{
"status": "affected",
"version": "19.3R3-S2"
},
{
"status": "affected",
"version": "19.4R3-S2"
},
{
"status": "affected",
"version": "20.1R2-S1"
},
{
"status": "affected",
"version": "20.2R3"
},
{
"status": "affected",
"version": "20.3R2"
},
{
"lessThan": "17.4*",
"status": "affected",
"version": "17.4R2-S13",
"versionType": "custom"
},
{
"lessThan": "18.2*",
"status": "affected",
"version": "18.2R2-S8, 18.2R3-S7",
"versionType": "custom"
},
{
"lessThan": "18.4*",
"status": "affected",
"version": "18.4R1-S8, 18.4R2-S7",
"versionType": "custom"
},
{
"lessThan": "19.4*",
"status": "affected",
"version": "19.4R2-S4",
"versionType": "custom"
},
{
"lessThan": "20.2*",
"status": "affected",
"version": "20.2R2-S2",
"versionType": "custom"
},
{
"lessThan": "20.3*",
"status": "affected",
"version": "20.3R1-S2",
"versionType": "custom"
},
{
"lessThan": "20.4R2-S1, 20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R1-S1, 21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects specific versions of Juniper Networks Junos OS on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3-S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 19.4R2-S4, 19.4R2-S5; 19.4R3-S2; 20.1R2-S1; 20.2R2-S2, 20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 20.4R2; 21.1R1; This issue does not affect any version of Juniper Networks Junos OS prior to 15.1X49-D240;"
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-19T18:16:31.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11216"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S8, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11216",
"defect": [
"1577814"
],
"discovery": "USER"
},
"title": "Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31351",
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!\u003c",
"version_value": "15.1"
},
{
"version_affected": "!\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S11"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "17.3R3-S11"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "17.4",
"version_value": "17.4R2-S13"
},
{
"version_affected": "!\u003e=",
"version_name": "17.4",
"version_value": "17.4R3"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "18.1R3-S12"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "18.2",
"version_value": "18.2R2-S8, 18.2R3-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "18.3R3-S4"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "18.4",
"version_value": "18.4R3-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.1",
"version_value": "19.1R3-S4, 19.1R3-S5"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.2",
"version_value": "19.2R1-S6"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.3",
"version_value": "19.3R3-S2"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "19.4",
"version_value": "19.4R2-S4"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.4",
"version_value": "19.4R3-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.1",
"version_value": "20.1R2-S1"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "20.2",
"version_value": "20.2R2-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "MX Series",
"version_affected": "\u003e=",
"version_name": "20.3",
"version_value": "20.3R1-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"platform": "MX Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "MX Series",
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects specific versions of Juniper Networks Junos OS on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3-S5; 18.1R3-S12; 18.2R2-S8, 18.2R3-S7, 18.2R3-S8; 18.3R3-S4; 18.4R3-S7; 19.1R3-S4, 19.1R3-S5; 19.2R1-S6; 19.3R3-S2; 19.4R2-S4, 19.4R2-S5; 19.4R3-S2; 20.1R2-S1; 20.2R2-S2, 20.2R2-S3, 20.2R3; 20.3R2, 20.3R2-S1; 20.4R1, 20.4R1-S1, 20.4R2; 21.1R1; This issue does not affect any version of Juniper Networks Junos OS prior to 15.1X49-D240;"
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11216",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11216"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S8, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11216",
"defect": [
"1577814"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-31351",
"datePublished": "2021-10-19T18:16:31.714Z",
"dateReserved": "2021-04-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:26:12.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29607 (GCVE-0-2021-29607)
Vulnerability from cvelistv5 – Published: 2021-05-14 19:21 – Updated: 2024-08-03 22:11- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://github.com/tensorflow/tensorflow/commit/b… | x_refsource_MISC |
| https://github.com/tensorflow/tensorflow/security… | x_refsource_CONFIRM |
| https://github.com/tensorflow/tensorflow/commit/f… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| tensorflow | tensorflow |
Affected:
< 2.1.4
Affected: >= 2.2.0, < 2.2.3 Affected: >= 2.3.0, < 2.3.3 Affected: >= 2.4.0, < 2.4.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:06.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tensorflow",
"vendor": "tensorflow",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.4"
},
{
"status": "affected",
"version": "\u003e= 2.2.0, \u003c 2.2.3"
},
{
"status": "affected",
"version": "\u003e= 2.3.0, \u003c 2.3.3"
},
{
"status": "affected",
"version": "\u003e= 2.4.0, \u003c 2.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_sparse_binary_op_shared.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-14T19:21:03.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a"
}
],
"source": {
"advisory": "GHSA-gv26-jpj9-c8gq",
"discovery": "UNKNOWN"
},
"title": "Incomplete validation in `SparseSparseMinimum`",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-29607",
"STATE": "PUBLIC",
"TITLE": "Incomplete validation in `SparseSparseMinimum`"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tensorflow",
"version": {
"version_data": [
{
"version_value": "\u003c 2.1.4"
},
{
"version_value": "\u003e= 2.2.0, \u003c 2.2.3"
},
{
"version_value": "\u003e= 2.3.0, \u003c 2.3.3"
},
{
"version_value": "\u003e= 2.4.0, \u003c 2.4.2"
}
]
}
}
]
},
"vendor_name": "tensorflow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_sparse_binary_op_shared.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2"
},
{
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq"
},
{
"name": "https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a"
}
]
},
"source": {
"advisory": "GHSA-gv26-jpj9-c8gq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-29607",
"datePublished": "2021-05-14T19:21:03.000Z",
"dateReserved": "2021-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:11:06.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29544 (GCVE-0-2021-29544)
Vulnerability from cvelistv5 – Published: 2021-05-14 19:11 – Updated: 2024-10-31 20:41- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://github.com/tensorflow/tensorflow/security… | x_refsource_CONFIRM |
| https://github.com/tensorflow/tensorflow/commit/2… | x_refsource_MISC |
| https://github.com/tensorflow/tensorflow/blob/950… | x_refsource_MISC |
| https://github.com/tensorflow/tensorflow/blob/950… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| tensorflow | tensorflow |
Affected:
>= 2.4.0, < 2.4.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:05.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tensorflow",
"vendor": "tensorflow",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.4.0, \u003c 2.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the implementation does not validate the rank of the `input_*` tensors. In turn, this results in the tensors being passes as they are to `QuantizeAndDequantizePerChannelGradientImpl`. However, the `vec\u003cT\u003e` method, requires the rank to 1 and triggers a `CHECK` failure otherwise. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 as this is the only other affected version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T20:41:21.258Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9"
},
{
"name": "https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b"
},
{
"name": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163"
},
{
"name": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306"
}
],
"source": {
"advisory": "GHSA-6g85-3hm8-83f9",
"discovery": "UNKNOWN"
},
"title": "CHECK-fail in `QuantizeAndDequantizeV4Grad`"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-29544",
"datePublished": "2021-05-14T19:11:06.000Z",
"dateReserved": "2021-03-30T00:00:00.000Z",
"dateUpdated": "2024-10-31T20:41:21.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Check the results of all functions that return a value and verify that the value is expected.
Mitigation
If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
- Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.
Mitigation
Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.
No CAPEC attack patterns related to this CWE.