CVE-2024-21617 — Incomplete Cleanup in Networks Junos OS

CWE-459 — Incomplete Cleanup4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.0%

top 86.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJan 12

Description

An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services. Note: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability. The memory usage can be monitored using the below c…

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os21.2 — 21.2R3-S5+6

▶NVDjuniper/junos7 versions+6

🔴Vulnerability Details

CVEList

Junos OS: BGP flap on NSR-enabled devices causes memory leak↗2024-01-12

▶

GHSA

GHSA-mmpf-h3x8-v558: An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacke↗2024-01-12

▶

📋Vendor Advisories

Juniper

CVE-2024-21617: An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attack↗2024-01-12

▶