CVE-2024-21612 Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE

🗓️ 12 Jan 2024 00:55:37Reported by juniperType

Improper handling of TCP traffic crashes Junos OS Evolved OFP, leading to RE restar

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the Object Flooding Protocol service in Juniper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.	18 Jan 202400:00	–	bdu_fstec
Circl	CVE-2024-21612	12 Jan 202402:26	–	circl
CNNVD	Juniper Networks Junos OS and Junos OS Evolved Security Vulnerabilities	11 Jan 202400:00	–	cnnvd
CVE	CVE-2024-21612	12 Jan 202400:55	–	cve
EUVD	EUVD-2024-19260	3 Oct 202520:07	–	euvd
NVD	CVE-2024-21612	12 Jan 202401:15	–	nvd
Prion	Input validation	12 Jan 202401:15	–	prion
Positive Technologies	PT-2024-1115 · Juniper Networks · Junos Evolved	10 Jan 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-21612 Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE	12 Jan 202400:55	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.2R3-S7-EVO",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5-EVO ",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5-EVO",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S4-EVO",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3-EVO ",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-EVO",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-EVO, 22.4R3-EVO",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA75753
first	www.first.org/cvss/calculator/4.0

29 Jan 2024 15:28Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5

EPSS0.00531

CWE-228