CVELIST:CVE-2024-21586 (cvelist, Juniper)
Jul 01, 2024 - 4:34 p.m.

CVE-2024-21586 Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash

2024-07-01 16:34:21
CWE-754
juniper
www.cve.org
junos os
srx series
packet forwarding engine
denial-of-service
cve-2024-21586
unauthenticated attacker

CVSS3: 7.5

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.001 (Percentile: 17.1%)

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.

This issue affects Junos OS on SRX Series:

  • 21.4 versions before 21.4R3-S7.9,
  • 22.1 versions before 22.1R3-S5.3,
  • 22.2 versions before 22.2R3-S4.11,
  • 22.3 versions before 22.3R3,
  • 22.4 versions before 22.4R3.

This issue affects Junos OS on NFX Series:

  • 21.4 versions before 21.4R3-S8,
  • 22.1 versions after 22.1R1,
  • 22.2 versions before 22.2R3-S5,
  • 22.3 versions before 22.3R3,
  • 22.4 versions before 22.4R3.

Junos OS versions prior to 21.4R1 are not affected by this issue.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R1",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S7.9",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S5.3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S4.11",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "NFX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R1",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S8",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.1"
      },
      {
        "lessThan": "22.2R3-S5",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]
