Lucene search

[email protected]NVD:CVE-2024-21602

HistoryJan 12, 2024 - 1:15 a.m.

CVE-2024-21602

2024-01-1201:15:48

CWE-476

[email protected]

web.nvd.nist.gov

juniper networks

junos os

evolved

acx7024

acx7100-32c

acx7100-48l

dos

ipv4

udp

vulnerability

denial of service

21.4-evo

21.4r3-s6-evo

22.1-evo

22.1r3-s5-evo

22.2-evo

22.2r2-s1-evo

22.2r3-evo

22.3-evo

22.3r2-evo

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

If a specific IPv4 UDP packet is received and sent to the Routing Engine (RE) packetio crashes and restarts which causes a momentary traffic interruption. Continued receipt of such packets will lead to a sustained DoS.

This issue does not happen with IPv6 packets.

This issue affects Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L:

21.4-EVO versions earlier than 21.4R3-S6-EVO;
22.1-EVO versions earlier than 22.1R3-S5-EVO;
22.2-EVO versions earlier than 22.2R2-S1-EVO, 22.2R3-EVO;
22.3-EVO versions earlier than 22.3R2-EVO.

This issue does not affect Juniper Networks Junos OS Evolved versions earlier than 21.4R1-EVO.

Affected configurations

NVD

Node

juniperjunos_os_evolvedMatch21.4-

juniperjunos_os_evolvedMatch21.4r1

juniperjunos_os_evolvedMatch21.4r1-s1

juniperjunos_os_evolvedMatch21.4r1-s2

juniperjunos_os_evolvedMatch21.4r2

juniperjunos_os_evolvedMatch21.4r2-s1

juniperjunos_os_evolvedMatch21.4r2-s2

juniperjunos_os_evolvedMatch21.4r3

juniperjunos_os_evolvedMatch21.4r3-s1

juniperjunos_os_evolvedMatch21.4r3-s2

juniperjunos_os_evolvedMatch21.4r3-s3

juniperjunos_os_evolvedMatch21.4r3-s4

juniperjunos_os_evolvedMatch21.4r3-s5

Node

juniperjunos_os_evolvedMatch22.1-

juniperjunos_os_evolvedMatch22.1r1

juniperjunos_os_evolvedMatch22.1r1-s1

juniperjunos_os_evolvedMatch22.1r1-s2

juniperjunos_os_evolvedMatch22.1r2

juniperjunos_os_evolvedMatch22.1r2-s1

juniperjunos_os_evolvedMatch22.1r3

juniperjunos_os_evolvedMatch22.1r3-s1

juniperjunos_os_evolvedMatch22.1r3-s2

juniperjunos_os_evolvedMatch22.1r3-s3

juniperjunos_os_evolvedMatch22.1r3-s4

Node

juniperjunos_os_evolvedMatch22.2-

juniperjunos_os_evolvedMatch22.2r1

juniperjunos_os_evolvedMatch22.2r1-s1

juniperjunos_os_evolvedMatch22.2r2

Node

juniperjunos_os_evolvedMatch22.3-

juniperjunos_os_evolvedMatch22.3r1

juniperjunos_os_evolvedMatch22.3r1-s1

juniperjunos_os_evolvedMatch22.3r1-s2

References

supportportal.juniper.net/JSA75743

www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for NVD:CVE-2024-21602

prion1 nessus1 cvelist1 cve1