CVE-2024-21586 (GCVE-0-2024-21586)
Vulnerability from cvelistv5
Published
2024-07-01 16:34
Modified
2024-08-01 22:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.
This issue affects Junos OS on SRX Series:
* 21.4 versions before 21.4R3-S7.9,
* 22.1 versions before 22.1R3-S5.3,
* 22.2 versions before 22.2R3-S4.11,
* 22.3 versions before 22.3R3,
* 22.4 versions before 22.4R3.
This issue affects Junos OS on NFX Series:
* 21.4 versions before 21.4R3-S8,
* 22.1 versions after 22.1R1,
* 22.2 versions before 22.2R3-S5,
* 22.3 versions before 22.3R3,
* 22.4 versions before 22.4R3.
Junos OS versions prior to 21.4R1 are not affected by this issue.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Juniper Networks | Junos OS |
Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper:junos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "junos",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.4r1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "junos",
"vendor": "juniper",
"versions": [
{
"lessThan": "21.4r3-s7.9",
"status": "affected",
"version": "21.4",
"versionType": "custom"
},
{
"lessThan": "22.1r3-s5.3",
"status": "affected",
"version": "22.1",
"versionType": "custom"
},
{
"lessThan": "22.2r3-s4.11",
"status": "affected",
"version": "22.2",
"versionType": "custom"
},
{
"lessThan": "22.3r3",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.4r3",
"status": "affected",
"version": "22.4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T18:15:05.037600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T18:15:08.861Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:34.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA83195"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S7.9",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S5.3",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4.11",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"NFX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "22.1"
},
{
"lessThan": "22.2R3-S5",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-07-01T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\u003cbr\u003e\u003cbr\u003eIf an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects Junos OS on SRX Series:\u003c/span\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.4 versions before 21.4R3-S7.9,\u003c/li\u003e\u003cli\u003e22.1 versions before 22.1R3-S5.3,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S4.11,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3.\u003c/li\u003e\n\n\u003c/ul\u003e\n\n\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects Junos OS on NFX Series:\u003c/span\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.4 versions before 21.4R3-S8,\u003c/li\u003e\u003cli\u003e22.1 versions after 22.1R1,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S5,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3.\u003c/li\u003e\n\n\u003c/ul\u003e\n\nJunos OS versions prior to 21.4R1 are not affected by this issue."
}
],
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nIf an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.\n\nThis issue affects Junos OS on SRX Series:\n\n * 21.4 versions before 21.4R3-S7.9,\n * 22.1 versions before 22.1R3-S5.3,\n * 22.2 versions before 22.2R3-S4.11,\n * 22.3 versions before 22.3R3,\n * 22.4 versions before 22.4R3.\n\n\n\n\n\n\nThis issue affects Junos OS on NFX Series:\n\n * 21.4 versions before 21.4R3-S8,\n * 22.1 versions after 22.1R1,\n * 22.2 versions before 22.2R3-S5,\n * 22.3 versions before 22.3R3,\n * 22.4 versions before 22.4R3.\n\n\n\n\n\n\nJunos OS versions prior to 21.4R1 are not affected by this issue."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u0026nbsp;However, multiple occurrences of this issue have been reported in production."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u00a0However, multiple occurrences of this issue have been reported in production."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T11:56:34.905Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA83195"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nThe following software releases have been updated to resolve this specific issue: \u003cbr\u003eSRX Series: 21.4R3-S7.\u003cstrong\u003e9\u003c/strong\u003e, 22.1R3-S5.\u003cstrong\u003e3\u003c/strong\u003e, 22.2R3-S4.\u003cstrong\u003e11\u003c/strong\u003e, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;\u003cbr\u003eNFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.\u003cbr\u003e* Pending publication.\u003cbr\u003e\u003cbr\u003ePlease note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\n\n"
}
],
"value": "\nThe following software releases have been updated to resolve this specific issue: \nSRX Series: 21.4R3-S7.9, 22.1R3-S5.3, 22.2R3-S4.11, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;\nNFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.\n* Pending publication.\n\nPlease note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\n\n"
}
],
"source": {
"advisory": "JSA83195",
"defect": [
"1719594"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-01T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2024-07-18T11:55:00.000Z",
"value": "Updated to include NFX Series as affected with the resp. fixes. Added link to CVE at cve.org"
}
],
"title": "Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash",
"workarounds": [
{
"lang": "en",
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-21586",
"datePublished": "2024-07-01T16:34:21.768Z",
"dateReserved": "2023-12-27T19:38:25.703Z",
"dateUpdated": "2024-08-01T22:27:34.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA83195\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:27:34.830Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21586\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-01T18:15:05.037600Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:juniper:junos:-:*:*:*:*:*:*:*\"], \"vendor\": \"juniper\", \"product\": \"junos\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.4r1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*\"], \"vendor\": \"juniper\", \"product\": \"junos\", \"versions\": [{\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4r3-s7.9\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"22.1r3-s5.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2r3-s4.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3r3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4r3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-01T18:14:51.149Z\"}}], \"cna\": {\"title\": \"Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash\", \"source\": {\"defect\": [\"1719594\"], \"advisory\": \"JSA83195\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"21.4R1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4R3-S7.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"22.1R3-S5.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2R3-S4.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3R3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3\", \"versionType\": \"semver\"}], \"platforms\": [\"SRX Series\"], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"21.4R1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4R3-S8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.1\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2R3-S5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3R3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3\", \"versionType\": \"semver\"}], \"platforms\": [\"NFX Series\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\\u00a0However, multiple occurrences of this issue have been reported in production.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u0026nbsp;However, multiple occurrences of this issue have been reported in production.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-07-01T16:00:00.000Z\", \"value\": \"Initial Publication\"}, {\"lang\": \"en\", \"time\": \"2024-07-18T11:55:00.000Z\", \"value\": \"Updated to include NFX Series as affected with the resp. fixes. Added link to CVE at cve.org\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"\\nThe following software releases have been updated to resolve this specific issue: \\nSRX Series: 21.4R3-S7.9, 22.1R3-S5.3, 22.2R3-S4.11, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;\\nNFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.\\n* Pending publication.\\n\\nPlease note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nThe following software releases have been updated to resolve this specific issue: \u003cbr\u003eSRX Series: 21.4R3-S7.\u003cstrong\u003e9\u003c/strong\u003e, 22.1R3-S5.\u003cstrong\u003e3\u003c/strong\u003e, 22.2R3-S4.\u003cstrong\u003e11\u003c/strong\u003e, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;\u003cbr\u003eNFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.\u003cbr\u003e* Pending publication.\u003cbr\u003e\u003cbr\u003ePlease note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\\n\\n\", \"base64\": false}]}], \"datePublic\": \"2024-07-01T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA83195\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\\n\\nIf an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.\\n\\nThis issue affects Junos OS on SRX Series:\\n\\n * 21.4 versions before 21.4R3-S7.9,\\n * 22.1 versions before 22.1R3-S5.3,\\n * 22.2 versions before 22.2R3-S4.11,\\n * 22.3 versions before 22.3R3,\\n * 22.4 versions before 22.4R3.\\n\\n\\n\\n\\n\\n\\nThis issue affects Junos OS on NFX Series:\\n\\n * 21.4 versions before 21.4R3-S8,\\n * 22.1 versions after 22.1R1,\\n * 22.2 versions before 22.2R3-S5,\\n * 22.3 versions before 22.3R3,\\n * 22.4 versions before 22.4R3.\\n\\n\\n\\n\\n\\n\\nJunos OS versions prior to 21.4R1 are not affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\u003cbr\u003e\u003cbr\u003eIf an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart. Continued receipt and processing of this traffic will create a sustained DoS condition.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eThis issue affects Junos OS on SRX Series:\u003c/span\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.4 versions before 21.4R3-S7.9,\u003c/li\u003e\u003cli\u003e22.1 versions before 22.1R3-S5.3,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S4.11,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3.\u003c/li\u003e\\n\\n\u003c/ul\u003e\\n\\n\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eThis issue affects Junos OS on NFX Series:\u003c/span\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.4 versions before 21.4R3-S8,\u003c/li\u003e\u003cli\u003e22.1 versions after 22.1R1,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S5,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3.\u003c/li\u003e\\n\\n\u003c/ul\u003e\\n\\nJunos OS versions prior to 21.4R1 are not affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-754\", \"description\": \"CWE-754 Improper Check for Unusual or Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2024-07-18T11:56:34.905Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-21586\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T22:27:34.830Z\", \"dateReserved\": \"2023-12-27T19:38:25.703Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2024-07-01T16:34:21.768Z\", \"assignerShortName\": \"juniper\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…