CVE-2024-21603Improper Check for Unusual or Exceptional Conditions in Networks Junos OS

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 77.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 12

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage (SCU) / destination class usage (DCU) (more than 10 route classes) is present and the SCU/DCU statistics are gathered by executing specific SNMP requests or CLI commands, a 'vmcore' for the RE kernel will be seen which leads to a device restar

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.221.2R3-S6+6
NVDjuniper/junos7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-f572-5hm8-87qp: An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based at2024-01-12
CVEList
Junos OS: MX Series: Gathering statistics in a scaled SCU/DCU configuration will lead to a device crash2024-01-12

📋Vendor Advisories

1
Juniper
CVE-2024-21603: An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based a2024-01-12
CVE-2024-21603 — Networks Junos OS vulnerability | cvebase