CVE-2024-21586
Published: Jul 1, 2024
Modified: Aug 1, 2024
CVSS v3.1
7.5
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition. This issue affects Junos OS on SRX Series: * 21.4 versions before 21.4R3-S7.9, * 22.1 versions before 22.1R3-S5.3, * 22.2 versions before 22.2R3-S4.11, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R3. This issue affects Junos OS on NFX Series: * 21.4 versions before 21.4R3-S8, * 22.1 versions after 22.1R1, * 22.2 versions before 22.2R3-S5, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R3. Junos OS versions prior to 21.4R1 are not affected by this issue.
| Vendor | Product | Versions |
|---|---|---|
Juniper Networks | Junos OS | unaffected 0 - < 21.4R1affected 21.4 - < 21.4R3-S7.9affected 22.1 - < 22.1R3-S5.3affected 22.2 - < 22.2R3-S4.11affected 22.3 - < 22.3R3+1 more versions |
Juniper Networks | Junos OS | unaffected 0 - < 21.4R1affected 21.4 - < 21.4R3-S8affected 22.1affected 22.2 - < 22.2R3-S5affected 22.3 - < 22.3R3+1 more versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now