How severe is CVE-2021-31366?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-31366?

This is classified as CWE-252, which is a common weakness in software security.

CVE-2021-31366

MEDIUM Year: 2021

CVSS v3 Score

6.5

Medium

CVSS v2 Score

3.3

Low

Weakness Type

CWE-252

View all →

Vulnerability Description

An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (AAA) services on the MX devices and leads to a Denial of Service (DoS) condition. Continued receipted of these PPP login request will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2.

CVE-2016-10060

MEDIUM

CVSS:6.5(Medium)

The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of servi...

CWE-2522016

CVE-2016-10061

MEDIUM

CVSS:6.5(Medium)

The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) v...

CWE-2522016

CVE-2018-16643

MEDIUM

CVSS:6.5(Medium)

The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the...

CWE-2522018

CVE-2019-9372

MEDIUM

CVSS:6.5(Medium)

In libskia, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitati...

CWE-2522019

CVE-2022-40716

MEDIUM

CVSS:6.5(Medium)

HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass...

CWE-2522022

CVE-2024-39558

HIGH

CVSS:6.5(Medium)

An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows a logically adjacent, unauthenticated attacker se...

CWE-2522024

CVE-2021-31366

Vulnerability Description

Related Vulnerabilities

CVE-2016-10060

CVE-2016-10061

CVE-2018-16643

CVE-2019-9372

CVE-2022-40716

CVE-2024-39558