CVE-2024-21595

Published Jan 12, 2024

Last updated 3 months ago

CVSS high 7.5

Overview

Description: An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If an attacker sends high rate of specific ICMP traffic to a device with VXLAN configured, this causes a deadlock of the PFE and results in the device becoming unresponsive. A manual restart will be required to recover the device. This issue only affects EX4100, EX4400, EX4600, QFX5000 Series devices. This issue affects: Juniper Networks Junos OS * 21.4R3 versions earlier than 21.4R3-S4; * 22.1R3 versions earlier than 22.1R3-S3; * 22.2R2 versions earlier than 22.2R3-S1; * 22.3 versions earlier than 22.3R2-S2, 22.3R3; * 22.4 versions earlier than 22.4R2; * 23.1 versions earlier than 23.1R2.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

sirt@juniper.net: CWE-1286
nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0038F142-6F5E-476D-A1EC-E977FD30F155"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:ex4100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2521C83-E8F2-4621-9727-75BB3FC11E64"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5100-96s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6BD0F680-ED30-48F3-A5D9-988D510CFC0D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "38D790AD-D00F-4FED-96FE-3046C827356B"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BAD9AD5C-947D-41EF-9969-FCCEB144984F"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B86047DE-A0A0-4698-9414-B66C0FA7B544"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C7D6C74F-E85F-4D62-BDAF-FE619B467C76"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References