CVE-2024-21603

{"id": "CVE-2024-21603", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-01-12T01:15:48.467", "references": [{"url": "https://supportportal.juniper.net/JSA75744", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["Third Party Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-754"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-754"}]}], "descriptions": [{"lang": "en", "value": "\nAn Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service.\n\nIf a scaled configuration for Source class usage (SCU) / destination class usage (DCU) (more than 10 route classes) is present and the SCU/DCU statistics are gathered by executing specific SNMP requests or CLI commands, a 'vmcore' for the RE kernel will be seen which leads to a device restart. Continued exploitation of this issue will lead to a sustained DoS.\n\nThis issue only affects MX Series devices with MPC10, MPC11 or LC9600, and MX304. No other MX Series devices are affected.\n\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3;\n * 22.1 versions earlier than 22.1R3;\n * 22.2 versions earlier than 22.2R2;\n * 22.3 versions earlier than 22.3R2.\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de verificaci\u00f3n inadecuada de condiciones inusuales o excepcionales en el kernel de Juniper Network Junos OS en la serie MX permite que un atacante basado en red con privilegios bajos provoque una denegaci\u00f3n de servicio. Si est\u00e1 presente una configuraci\u00f3n escalada para el uso de clase de origen (SCU)/uso de clase de destino (DCU) (m\u00e1s de 10 clases de ruta) y las estad\u00edsticas de SCU/DCU se recopilan mediante la ejecuci\u00f3n de solicitudes SNMP espec\u00edficas o comandos CLI, se crear\u00e1 un 'vmcore' para el Se ver\u00e1 el kernel RE, lo que provocar\u00e1 un reinicio del dispositivo. La explotaci\u00f3n continua de este problema conducir\u00e1 a un DoS sostenido. Este problema solo afecta a los dispositivos de la serie MX con MPC10, MPC11 o LC9600 y MX304. Ning\u00fan otro dispositivo de la serie MX se ve afectado. Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S9; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3; * Versiones 22.1 anteriores a 22.1R3; * Versiones 22.2 anteriores a 22.2R2; * Versiones 22.3 anteriores a 22.3R2."}], "lastModified": "2024-01-19T22:56:11.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C445622E-8E57-4990-A71A-E1993BFCB91A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}