CVE-2024-21614

Published Jan 12, 2024

Last updated 10 months ago

Overview

Description: An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when NETCONF and gRPC are enabled, and a specific query is executed via Dynamic Rendering (DREND), rpd will crash and restart. Continuous execution of this specific query will cause a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS * 22.2 versions earlier than 22.2R2-S2, 22.2R3; * 22.3 versions earlier than 22.3R2, 22.3R3. Juniper Networks Junos OS Evolved * 22.2 versions earlier than 22.2R2-S2-EVO, 22.2R3-EVO; * 22.3 versions earlier than 22.3R2-EVO, 22.3R3-EVO. This issue does not affect Juniper Networks: Junos OS versions earlier than 22.2R1; Junos OS Evolved versions earlier than 22.2R1-EVO.
Source: sirt@juniper.net
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-754
sirt@juniper.net: CWE-754

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References