CVE-2024-21616: Improper Validation of Syntactic Correctness of Input in Juniper Networks Junos OS

Severity: 7.5 HIGH (NVD)
EPSS: 0.2% (top 57.08%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 12

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a specific SIP packet is received and processed, NAT IP allocation fails for genuine traffic, which causes Denial of Service (DoS). Continuous receipt of this specific SIP ALG packet will cause a sust

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | juniper_networks/junos_os | 21.3 | 21.3R3-S5 | +7
NVD | juniper/junos | 8 versions | +7

🔴 Vulnerability Details (2)

CVEList: Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail (2024-01-12)
GHSA: GHSA-355p-vp22-pp2v: An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauth (2024-01-12)

📋 Vendor Advisories (1)

Juniper: CVE-2024-21616: An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unaut (2024-01-12)