CVE-2025-21596

Published: Jan 9, 2025

Modified: Jan 9, 2025

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting packet processing on the system. This issue affects Junos OS on SRX1500, SRX4100, SRX4200: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S1.

Vendor	Product	Versions
Juniper Networks	Junos OS	affected `0 - < 21.4R3-S9` affected `22.2 - < 22.2R3-S5` affected `22.3 - < 22.3R3-S4` affected `22.4 - < 22.4R3-S4` affected `23.2 - < 23.2R2-S3` +1 more versions

Weaknesses (CWE)

CWE-755

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

https://supportportal.juniper.net/JSA92864

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-21596

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References