CVE-2024-21616

Published Jan 12, 2024

Last updated 3 months ago

CVSS high 7.5

Overview

Description: An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a specific SIP packet is received and processed, NAT IP allocation fails for genuine traffic, which causes Denial of Service (DoS). Continuous receipt of this specific SIP ALG packet will cause a sustained DoS condition. NAT IP usage can be monitored by running the following command. user@srx> show security nat resource-usage source-pool <source_pool_name> Pool name: source_pool_name .. Address Factor-index Port-range Used Avail Total Usage X.X.X.X 0 Single Ports 50258 52342 62464 96% <<<<< - Alg Ports 0 2048 2048 0% This issue affects: Juniper Networks Junos OS on MX Series and SRX Series * All versions earlier than 21.2R3-S6; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R2-S2, 22.4R3; * 23.2 versions earlier than 23.2R1-S1, 23.2R2.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

sirt@juniper.net: CWE-1286
nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D49FFB60-BA71-4902-9404-E67162919ADC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFF72FCA-C440-4D43-9BDB-F712DB413717"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References