Can you explain this vulnerability to me?

This vulnerability is an Incorrect Calculation issue in the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS Evolved. It allows an unauthenticated network-adjacent attacker to flap the management interface, which causes the learning of new MAC addresses over label-switched interfaces (LSI) to stop. At the same time, it generates a flood of logs that results in high CPU usage on the affected device.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

The vulnerability can impact you by causing the device to stop learning new MAC addresses over label-switched interfaces, which may disrupt network operations. Additionally, the flood of logs generated can lead to high CPU usage, potentially degrading device performance or causing denial of service conditions.

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring the system logs for the specific log message generated when the issue occurs. The log message includes details such as 'op:1 flag:0x6 mac:xx:xx:xx:xx:xx:xx bd:2 ifl:13302 reason:0(REASON_NONE) i-op:6(INTRNL_OP_HW_FORCE_DELETE) status:10 lstatus:10 err:26(GETIFBD_VALIDATE_FAILED) err-reason 4(IFBD_VALIDATE_FAIL_EPOCH_MISMATCH)'. Checking for this log pattern can help identify the vulnerability being triggered. Specific commands are not provided in the available information.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps are not detailed in the provided information. However, since the vulnerability affects specific versions of Junos OS Evolved, upgrading to a fixed version (such as 21.4R3-S7-EVO or later versions listed) is implied as a mitigation. No explicit commands or configuration changes are provided.

Useful 0 Not Useful 0