CVE-2024-21597 — Resource Exposure in Networks Junos OS

CWE-668 — Resource Exposure4 documents4 sources

Severity

7.5HIGHNVD

CNA5.3

EPSS

0.0%

top 89.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJan 12

Description

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context. This issue affects Juniper Networks Junos OS on MX Seri…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os21.2 — 21.2R3-S3+5

▶NVDjuniper/junos6 versions+5

🔴Vulnerability Details

GHSA

GHSA-m474-q42g-p73p: An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauth↗2024-01-12

▶

CVEList

Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters↗2024-01-12

▶

📋Vendor Advisories

Juniper

CVE-2024-21597: An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unaut↗2024-01-12

▶