How severe is CVE-2021-0297?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-0297?

This is classified as CWE-755, which is a common weakness in software security.

CVE-2021-0297 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being established, resulting in an impact on confidentiality or stability of the network. This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.3R2-S1-EVO; 20.4 versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO. Juniper Networks Junos OS is not affected by this issue.

Related Vulnerabilities

CVE-2011-2336

MEDIUM

CVSS:6.5(Medium)

An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.

CWE-7552011

CVE-2011-2807

MEDIUM

CVSS:6.5(Medium)

Incorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.

CWE-7552011

CVE-2016-11034

MEDIUM

CVSS:6.5(Medium)

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Sams...

CWE-7552016

CVE-2017-9658

MEDIUM

CVSS:6.5(Medium)

Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff t...

CWE-7552017

CVE-2018-1269

MEDIUM

CVSS:6.5(Medium)

Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing cer...

CWE-7552018

CVE-2019-0144

MEDIUM

CVSS:6.5(Medium)

Unhandled exception in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

CWE-7552019