CVE-2024-21591
Vulnerability from cvelistv5
Published
2024-01-12 00:52
Modified
2024-10-25 20:23
Severity ?
Summary
An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlier than 21.2R3-S7; * Junos OS 21.3 versions earlier than 21.3R3-S5; * Junos OS 21.4 versions earlier than 21.4R3-S5; * Junos OS 22.1 versions earlier than 22.1R3-S4; * Junos OS 22.2 versions earlier than 22.2R3-S3; * Junos OS 22.3 versions earlier than 22.3R3-S2; * Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:27:34.836Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA75729"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
          },
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21591",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T20:22:34.376222Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T20:23:00.384Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "SRX Series",
            "EX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S7",
              "status": "affected",
              "version": "21.2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.3R3-S5",
              "status": "affected",
              "version": "21.3",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S5",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S4",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S3",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S2",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2-S2, 22.4R3",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following minimal configuration must be present on the device:\u003c/p\u003e\u003ctt\u003e[system services web-management http]\u003c/tt\u003e\u003cp\u003eor\u003c/p\u003e\u003ctt\u003e[system services web-management https]\u003c/tt\u003e"
            }
          ],
          "value": "The following minimal configuration must be present on the device:\n\n[system services web-management http]or\n\n[system services web-management https]"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "The Juniper SIRT would like to would like to acknowledge and thank Marco Lux of Curesec for responsibly reporting this vulnerability"
        }
      ],
      "datePublic": "2024-01-10T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eAn Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device.\u003c/p\u003e\u003cp\u003eThis issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.\u003c/p\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS SRX Series and EX Series:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eJunos OS versions earlier than 20.4R3-S9;\u003c/li\u003e\u003cli\u003eJunos OS 21.2 versions earlier than 21.2R3-S7;\u003c/li\u003e\u003cli\u003eJunos OS 21.3 versions earlier than 21.3R3-S5;\u003c/li\u003e\u003cli\u003eJunos OS 21.4 versions earlier than 21.4R3-S5;\u003c/li\u003e\u003cli\u003eJunos OS 22.1 versions earlier than 22.1R3-S4;\u003c/li\u003e\u003cli\u003eJunos OS 22.2 versions earlier than 22.2R3-S3;\u003c/li\u003e\u003cli\u003eJunos OS 22.3 versions earlier than 22.3R3-S2;\u003c/li\u003e\u003cli\u003eJunos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
            }
          ],
          "value": "\nAn Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device.\n\nThis issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.\n\nThis issue affects Juniper Networks Junos OS SRX Series and EX Series:\n\n\n\n  *  Junos OS versions earlier than 20.4R3-S9;\n  *  Junos OS 21.2 versions earlier than 21.2R3-S7;\n  *  Junos OS 21.3 versions earlier than 21.3R3-S5;\n  *  Junos OS 21.4 versions earlier than 21.4R3-S5;\n  *  Junos OS 22.1 versions earlier than 22.1R3-S4;\n  *  Junos OS 22.2 versions earlier than 22.2R3-S3;\n  *  Junos OS 22.3 versions earlier than 22.3R3-S2;\n  *  Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.\n\n\n\n\n\n\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-09T23:35:58.570Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA75729"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: \u003c/p\u003e\u003cp\u003eJunos OS: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S3, 22.3R3-S2, 22.4R2-S2, 22.4R3, 23.2R1-S1, 23.2R2, 23.4R1, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA75729",
        "defect": [
          "1747984"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-01-10T17:00:00.000Z",
          "value": "Initial Publication"
        },
        {
          "lang": "en",
          "time": "2024-02-09T20:00:00.000Z",
          "value": "Added third-party advisory reference link"
        }
      ],
      "title": "Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDisable J-Web, or limit access to only trusted hosts.\u003c/p\u003e"
            }
          ],
          "value": "Disable J-Web, or limit access to only trusted hosts.\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-av217"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-21591",
    "datePublished": "2024-01-12T00:52:04.028Z",
    "dateReserved": "2023-12-27T19:38:25.704Z",
    "dateUpdated": "2024-10-25T20:23:00.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-21591\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2024-01-12T01:15:46.697\",\"lastModified\":\"2024-11-21T08:54:40.447\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nAn Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device.\\n\\nThis issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.\\n\\nThis issue affects Juniper Networks Junos OS SRX Series and EX Series:\\n\\n\\n\\n  *  Junos OS versions earlier than 20.4R3-S9;\\n  *  Junos OS 21.2 versions earlier than 21.2R3-S7;\\n  *  Junos OS 21.3 versions earlier than 21.3R3-S5;\\n  *  Junos OS 21.4 versions earlier than 21.4R3-S5;\\n  *  Junos OS 22.1 versions earlier than 22.1R3-S4;\\n  *  Junos OS 22.2 versions earlier than 22.2R3-S3;\\n  *  Junos OS 22.3 versions earlier than 22.3R3-S2;\\n  *  Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.\\n\\n\\n\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de escritura fuera de los l\u00edmites en J-Web de Juniper Networks Junos OS en las series SRX y EX permite que un atacante basado en red no autenticado provoque una denegaci\u00f3n de servicio (DoS) o una ejecuci\u00f3n remota de c\u00f3digo (RCE) y obtenga privilegios de root en el dispositivo. Este problema se debe al uso de una funci\u00f3n insegura que permite a un atacante sobrescribir la memoria arbitraria. Este problema afecta a las series Junos OS SRX y EX de Juniper Networks: * Versiones de Junos OS anteriores a 20.4R3-S9; * Versiones de Junos OS 21.2 anteriores a 21.2R3-S7; * Versiones de Junos OS 21.3 anteriores a 21.3R3-S5; * Versiones de Junos OS 21.4 anteriores a 21.4R3-S5; * Versiones de Junos OS 22.1 anteriores a 22.1R3-S4; * Versiones de Junos OS 22.2 anteriores a 22.2R3-S3; * Versiones de Junos OS 22.3 anteriores a 22.3R3-S2; * Versiones de Junos OS 22.4 anteriores a 22.4R2-S2, 22.4R3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.4\",\"matchCriteriaId\":\"E3A96966-5060-4139-A124-D4E2C879FD6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D361B23-A3C2-444B-BEB8-E231DA950567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DDC6B7-BFC4-4F0B-8E68-442C23765BF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"037BA01C-3F5C-4503-A633-71765E9EF774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C54B047C-4B38-40C0-9855-067DCF7E48BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38984199-E332-4A9C-A4C0-78083D052E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA6526FB-2941-4D18-9B2E-472AD5A62A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"09876787-A40A-4340-9C12-8628C325353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41615104-C17E-44DA-AB0D-6E2053BD4EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1981DE38-36B5-469D-917E-92717EE3ED53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFA68ACD-AAE5-4577-B734-23AAF77BC85A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"65948ABC-22BB-46D5-8545-0806EDB4B86E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"283E41CB-9A90-4521-96DC-F31AA592CFD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"14EEA504-CBC5-4F6F-889A-D505EC4BB5B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"977DEF80-0DB5-4828-97AC-09BB3111D585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"C445622E-8E57-4990-A71A-E1993BFCB91A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52AF794-B36B-43A6-82E9-628658624B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3998DC76-F72F-4452-9150-652140B113EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"36ED4552-2420-45F9-B6E4-6DA2B2B12870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28A14E7-7EA0-4757-9764-E39A27CFDFA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A43752D-A4AF-4B4E-B95B-192E42883A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"42986538-E9D0-4C2E-B1C4-A763A4EE451B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE22CA01-EA7E-4EE5-B59F-EE100688C1DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E596ABD9-6ECD-48DC-B770-87B7E62EA345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"71745D02-D226-44DC-91AD-678C85F5E6FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"39E44B09-7310-428C-8144-AE9DB0484D1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"53938295-8999-4316-9DED-88E24D037852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2307BF56-640F-49A8-B060-6ACB0F653A61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"737DDF96-7B1D-44E2-AD0F-E2F50858B2A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC78A4CB-D617-43FC-BB51-287D2D0C44ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30FF67F8-1E3C-47A8-8859-709B3614BA6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C7C507E-C85E-4BC6-A3B0-549516BAB524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6514CDE8-35DC-469F-89A3-078684D18F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4624565D-8F59-44A8-B7A8-01AD579745E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E08E70-1AF3-4BA5-9A09-06DFE9663ADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"255B6F20-D32F-42C1-829C-AE9C7923558A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"90AE30DB-C448-4FE9-AC11-FF0F27CDA227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F324AE-65D3-4CFC-AEAB-898CE1BD05CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9962B01C-C57C-4359-9532-676AB81CE8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"62178549-B679-4902-BFDB-2993803B7FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AD697DF-9738-4276-94ED-7B9380CD09F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09FF5818-0803-4646-A386-D7C645EE58A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2229FA59-EB24-49A2-85CE-F529A8DE6BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB280D8-C5D8-4B51-A879-496ACCDE4538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F3F54F1-75B3-400D-A735-2C27C8CEBE79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A5B196A-2AF1-4AE5-9148-A75A572807BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B457616-2D91-4913-9A7D-038BBF8F1F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D157211-535E-4B2D-B2FE-F697FAFDF65C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F96EBE9-2532-4E35-ABA5-CA68830476A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4D936AE-FD74-4823-A824-2D9F24C25BFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E117E493-F4E1-4568-88E3-F243C74A2662\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E3E308-FD9C-4686-8C35-8472A0E99F0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3683A8F5-EE0E-4936-A005-DF7F6B75DED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B615DBA-8C53-41D4-B264-D3EED8578471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3124DD0-9E42-4896-9060-CB7DD07FC342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F6FD6C-03AF-4D2C-B411-A753DE12A2DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D49FFB60-BA71-4902-9404-E67162919ADC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF72FCA-C440-4D43-9BDB-F712DB413717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"06156CD6-09D3-4A05-9C5E-BC64A70640F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E949B21B-AD62-4022-9088-06313277479E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D862E6F-0D01-4B25-8340-888C30F75A2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F28F73E-8563-41B9-A313-BBAAD5B57A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37D4694-C80B-475E-AB5B-BB431F59C5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC0D2D2-4922-4675-8A2C-57A08D7BE334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"591AA3E6-62A2-4A1A-A04C-E808F71D8B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"786F993E-32CB-492A-A7CC-A7E4F48EA8B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"19519212-51DD-4448-B115-8A20A40192CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC9909E-AE9F-414D-99B1-83AA04D5297B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDE9E767-4713-4EA2-8D00-1382975A4A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"574730B0-56C8-4A03-867B-1737148ED9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EBC676-1B26-4A71-8326-0F892124290A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB4C0FBF-8813-44E5-B71A-22CBAA603E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCDE58C-80CC-4C5A-9667-8A4468D8D76C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1379EF30-AF04-4F98-8328-52A631F24737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E42A41-7965-456B-B0AF-9D3229CE4D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB1A77D6-D3AD-481B-979C-8F778530B175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A064B6B-A99B-4D8D-A62D-B00C7870BC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"40813417-A938-4F74-A419-8C5188A35486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FC1BA1A-DF0E-4B15-86BA-24C60E546732\"}]}]}],\"references\":[{\"url\":\"https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportportal.juniper.net/JSA75729\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://supportportal.juniper.net/JSA75729\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.