Vulnerabilities > CVE-2024-21595 - Unspecified vulnerability in Juniper Junos

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

juniper

NVD

Published: 2024-01-12

Updated: 2024-01-18

Summary

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If an attacker sends high rate of specific ICMP traffic to a device with VXLAN configured, this causes a deadlock of the PFE and results in the device becoming unresponsive. A manual restart will be required to recover the device. This issue only affects EX4100, EX4400, EX4600, QFX5000 Series devices. This issue affects: Juniper Networks Junos OS * 21.4R3 versions earlier than 21.4R3-S4; * 22.1R3 versions earlier than 22.1R3-S3; * 22.2R2 versions earlier than 22.2R3-S1; * 22.3 versions earlier than 22.3R2-S2, 22.3R3; * 22.4 versions earlier than 22.4R2; * 23.1 versions earlier than 23.1R2.

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos 21.4 Juniper Junos 22.1 Juniper Junos 22.2 Juniper Junos 22.3 Juniper Junos 22.4 Juniper Junos 23.1	22
Hardware	Juniper Juniper Ex4100 - Juniper Ex4400 - Juniper Ex4600 - Juniper Qfx5100 - Juniper Qfx5100 96S - Juniper Qfx5110 - Juniper Qfx5120 - Juniper Qfx5130 - Juniper Qfx5200 - Juniper Qfx5200 32C - Juniper Qfx5200 48Y - Juniper Qfx5210 - Juniper Qfx5210 64C - Juniper Qfx5220 - Juniper Qfx5700 -	15

Summary

Vulnerable Configurations

References