Juniper Networks Junos OS Remote Code Execution Vulnerability (CVE-2021-0254)

Published: 2021-04-19

0x00 Vulnerability Overview

CVE ID: CVE-2021-0254

Date: 2021-04-19

Type: RCE

Severity: Critical

Remotely exploitable: Yes

Affected scope:

PoC/EXP: Not public

Exploited in the wild: No

0x01 Vulnerability Details

On April 14, 2021, Juniper published a security advisory fixing a remote code execution vulnerability (CVE-2021-0254) in Juniper Networks Junos OS. The vulnerability has a CVSSv3 score of 9.8.

The vulnerability is caused by improper buffer size validation in the overlayd service of Junos OS. The overlayd daemon is responsible for handling OAM packets sent to overlayd, such as ping and traceroute. The service runs as root by default and listens for UDP connections on port 4789. An unauthenticated remote attacker can trigger the vulnerability by sending malicious packets to an affected device, causing a denial of service (DoS) or remote code execution (RCE).

In addition, overlayd runs by default on MX Series, ACX Series and QFX Series platforms. Other platforms are also affected if a Virtual Extensible LAN (VXLAN) overlay network is configured.

Affected Scope

Juniper Networks Junos OS 15.1X49, 15.1, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2, 19.3, 19.4, 20.1, 20.2, 20.3.

0x02 Remediation Recommendations

The vendor has fixed this vulnerability; upgrading to the following versions is recommended:

Junos OS 15.1X49-D240, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S4, 19.4R3-S1, 20.1R2-S1, 20.1R3, 20.2R2, 20.2R2-S1, 20.2R3, 20.3R1-S1, 20.4R1 and subsequent releases.
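Checking a fleet against the fixed-release list above means comparing Junos version strings train by train, which is easy to get wrong by hand. The following is an added Python example, not code from the page or from Juniper; the Junos version grammar it assumes (major.minor, optional Xnn branch, Rn release, -Sn or -Dn service build, optional trailing build number), the hypothetical triage() helper and its sample inventory, and the rule that an unlisted release train newer than the latest fixed one counts as fixed are all assumptions.

```python
import re

# Fixed releases exactly as listed in the advisory for CVE-2021-0254.
FIXED = [
    "15.1X49-D240", "15.1R7-S9", "17.3R3-S11", "17.4R2-S13", "17.4R3-S4",
    "18.1R3-S12", "18.2R2-S8", "18.2R3-S7", "18.3R3-S4", "18.4R1-S8",
    "18.4R2-S7", "18.4R3-S7", "19.1R2-S2", "19.1R3-S4", "19.2R1-S6",
    "19.2R3-S2", "19.3R3-S1", "19.4R2-S4", "19.4R3-S1", "20.1R2-S1",
    "20.1R3", "20.2R2", "20.2R2-S1", "20.2R3", "20.3R1-S1", "20.4R1",
]

# Assumed grammar: 19.4R2-S3 (release R2, service release S3), 15.1X49-D240
# (X branch with D builds), optional trailing build number such as 19.4R2-S4.1.
_VER = re.compile(r"^(\d+\.\d+)(X\d+)?(?:R(\d+))?(?:-[SD](\d+))?(?:\.\d+)?$")

def parse(version):
    """Return (branch, release_number, service_number); missing parts are 0."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError("unrecognised Junos version: %r" % version)
    major, xbranch, r, sd = m.groups()
    return major + (xbranch or ""), int(r or 0), int(sd or 0)

def is_patched(version):
    """True if the version is at or above the fix for its release train,
    False if it is older than that fix, None if the branch is not in FIXED."""
    branch, r, sd = parse(version)
    same_branch = [(fr, fsd) for fb, fr, fsd in map(parse, FIXED) if fb == branch]
    if not same_branch:
        return None
    # Match on the release train first: 18.4R2-S3 must be compared with 18.4R2-S7.
    train = [fsd for fr, fsd in same_branch if fr == r]
    if train:
        return sd >= min(train)
    # Assumption: a train newer than the latest fixed train is covered by
    # "and subsequent releases"; an older, unlisted train is treated as unpatched.
    return r > max(fr for fr, _ in same_branch)

def triage(inventory):
    """Hypothetical helper: map hostname -> version (e.g. from 'show version')
    to a verdict string for the constructed inventory passed in."""
    labels = {True: "patched", False: "VULNERABLE", None: "unknown branch"}
    return {host: labels[is_patched(ver)] for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    for host, verdict in triage({"mx1": "19.4R2-S4", "qfx2": "19.1R2-S1"}).items():
        print(host, verdict)
```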

Download link:

https://support.juniper.net/support/downloads/

0x03 References

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147

https://securityaffairs.co/wordpress/116907/security/juniper-networks-rce.html?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0254

0x04 Timeline

2021-04-14  Juniper published a security advisory

2021-04-19  VSRC published a security advisory

0x05 Appendix

CVSS scoring standard official site: http://www.first.org/cvss/
