Lucene search

[email protected]NVD:CVE-2024-21597

HistoryJan 12, 2024 - 1:15 a.m.

CVE-2024-21597

2024-01-1201:15:47

CWE-668

[email protected]

web.nvd.nist.gov

exposure of resource

wrong sphere vulnerability

juniper networks junos os

mx series

unauthenticated

network-based attacker

access restrictions

versions earlier than 22.3r2

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions.

In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it’s received in the wrong RI context.

This issue affects Juniper Networks Junos OS on MX Series:

All versions earlier than 20.4R3-S9;
21.2 versions earlier than 21.2R3-S3;
21.4 versions earlier than 21.4R3-S5;
22.1 versions earlier than 22.1R3;
22.2 versions earlier than 22.2R3;
22.3 versions earlier than 22.3R2.

Affected configurations

NVD

Node

juniperjunosMatch20.4-

juniperjunosMatch20.4r1

juniperjunosMatch20.4r1-s1

juniperjunosMatch20.4r2

juniperjunosMatch20.4r2-s1

juniperjunosMatch20.4r2-s2

juniperjunosMatch20.4r3

juniperjunosMatch20.4r3-s1

juniperjunosMatch20.4r3-s2

juniperjunosMatch20.4r3-s3

juniperjunosMatch20.4r3-s4

juniperjunosMatch20.4r3-s5

juniperjunosMatch20.4r3-s6

juniperjunosMatch20.4r3-s7

juniperjunosMatch20.4r3-s8

Node

juniperjunosMatch21.2-

juniperjunosMatch21.2r1

juniperjunosMatch21.2r1-s1

juniperjunosMatch21.2r1-s2

juniperjunosMatch21.2r2

juniperjunosMatch21.2r2-s1

juniperjunosMatch21.2r2-s2

juniperjunosMatch21.2r3

juniperjunosMatch21.2r3-s1

juniperjunosMatch21.2r3-s2

Node

juniperjunosMatch21.4-

juniperjunosMatch21.4r1

juniperjunosMatch21.4r1-s1

juniperjunosMatch21.4r1-s2

juniperjunosMatch21.4r2

juniperjunosMatch21.4r2-s1

juniperjunosMatch21.4r2-s2

juniperjunosMatch21.4r3

juniperjunosMatch21.4r3-s1

juniperjunosMatch21.4r3-s2

juniperjunosMatch21.4r3-s3

juniperjunosMatch21.4r3-s4

Node

juniperjunosMatch22.1-

juniperjunosMatch22.1r1

juniperjunosMatch22.1r1-s1

juniperjunosMatch22.1r1-s2

juniperjunosMatch22.1r2

juniperjunosMatch22.1r2-s1

juniperjunosMatch22.1r2-s2

Node

juniperjunosMatch22.2-

juniperjunosMatch22.2r1

juniperjunosMatch22.2r1-s1

juniperjunosMatch22.2r1-s2

juniperjunosMatch22.2r2

juniperjunosMatch22.2r2-s1

juniperjunosMatch22.2r2-s2

Node

juniperjunosMatch22.3-

juniperjunosMatch22.3r1

juniperjunosMatch22.3r1-s1

juniperjunosMatch22.3r1-s2

References

supportportal.juniper.net/JSA75738

www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

Related for NVD:CVE-2024-21597

cvelist1 prion1 cve1