CVE-2024-21593Improper Check or Handling of Exceptional Conditions in Networks Junos OS

CWE-703Improper Check or Handling of Exceptional Conditions4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 76.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 12

Description

An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon processing, causes an internal loop, that leads to a PFE crash and restart. Continued receipt of these packets leads to a sustained Denial of Service (DoS) condition. Circuit cross-connect (CCC) needs to

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.4R321.4R3-S5+5
NVDjuniper/junos5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-chjj-m6f7-j5g6: An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS2024-04-12
CVEList
Junos OS: MX Series with MPC10, MPC11, LC9600, and MX304: A specific MPLS packet will cause a PFE crash2024-04-12

📋Vendor Advisories

1
Juniper
CVE-2024-21593: An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS2024-04-12
CVE-2024-21593 — Networks Junos OS vulnerability | cvebase