CVE-2024-21605: Resource Exposure in Networks Junos OS

CWE-668: Resource Exposure | 4 documents | 4 sources

Severity: 7.1 HIGH (NVD)
EPSS: 0.1% (top 81.39%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 12

Description

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the device. This leads to excessive resource consumption and in turn severe impact on all control and management protocols of the device. This issue affe

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5 | juniper_networks/junos_os | 21.2R3-S3 | 21.2R3-S6 | +5
NVD | juniper/junos | 6 versions | +5

🔴 Vulnerability Details (2)

CVEList | Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload | 2024-04-12
GHSA | GHSA-24g5-r7q6-hhmg: An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an u | 2024-04-12

📋 Vendor Advisories (1)

Juniper | CVE-2024-21605: An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an u | 2024-04-12