CVE-2024-21600 Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition

🗓️ 12 Jan 2024 00:53:38Reported by juniperType

Improper Neutralization vulnerability in Junos OS PTX Serie

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Packet Forwarding Engine (PFE) in Juniper Networks’ Junos routers of the PTX series, which allows a attacker to cause a service failure.	18 Jan 202400:00	–	bdu_fstec
Circl	CVE-2024-21600	12 Jan 202402:26	–	circl
CNNVD	Juniper Networks Junos OS Security Vulnerability	12 Jan 202400:00	–	cnnvd
CVE	CVE-2024-21600	12 Jan 202400:53	–	cve
EUVD	EUVD-2024-19248	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved	12 Jan 202400:00	–	ncsc
NVD	CVE-2024-21600	12 Jan 202401:15	–	nvd
OSV	CVE-2024-21600	12 Jan 202401:15	–	osv
Prion	Path traversal	12 Jan 202401:15	–	prion
Positive Technologies	PT-2024-1129 · Juniper Networks · Junos	10 Jan 202400:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "PTX1000",
      "PTX3000",
      "PTX5000 with FPC3",
      "PTX10002-60C",
      "PTX10008/16 with LC110x"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1R3-S4",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S6",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S3",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R2-S2, 22.1R3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R2-S1, 22.2R3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA75741
first	www.first.org/cvss/calculator/4.0

12 Jan 2024 00:53Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.5

EPSS0.00324