CVE-2024-21612: Improper Handling of Syntactically Invalid Structure in Juniper Networks Junos OS Evolved

Severity
7.5 HIGH (NVD)
EPSS
0.2%
top 59.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jan 12

Description

An Improper Handling of Syntactically Invalid Structure vulnerability in the Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS Evolved platforms, when specific TCP packets are received on an open OFP port, the OFP crashes, leading to a restart of the Routing Engine (RE). Continuous receipt of these specific TCP packets will lead to a sustained Denial of Service (DoS) condition.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages: 2 packages

CVEListV5 | juniper_networks/junos_os_evolved | 21.3 | 21.3R3-S5-EVO +6

🔴 Vulnerability Details (2)

GHSA
GHSA-rj85-c5h6-pfrr: An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved a | 2024-01-12
CVEList
Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE | 2024-01-12

📋 Vendor Advisories (1)

Juniper
CVE-2024-21612: An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evol | 2024-01-12