gsd-2024-21600
Vulnerability from gsd
Modified
2023-12-28 06:02
Details
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
When MPLS packets are meant to be sent to a flexible tunnel interface (FTI) and if the FTI tunnel is down, these will hit the reject NH, due to which the packets get sent to the CPU and cause a host path wedge condition. This will cause the FPC to hang and requires a manual restart to recover.
Please note that this issue specifically affects PTX1000, PTX3000, PTX5000 with FPC3, PTX10002-60C, and PTX10008/16 with LC110x. Other PTX Series devices and Line Cards (LC) are not affected.
The following log message can be seen when the issue occurs:
Cmerror Op Set: Host Loopback: HOST LOOPBACK WEDGE DETECTED IN PATH ID <id> (URI: /fpc/<fpc>/pfe/<pfe>/cm/<cm>/Host_Loopback/<cm>/HOST_LOOPBACK_MAKE_CMERROR_ID[<id>])
This issue affects Juniper Networks Junos OS:
* All versions earlier than 20.4R3-S8;
* 21.1 versions earlier than 21.1R3-S4;
* 21.2 versions earlier than 21.2R3-S6;
* 21.3 versions earlier than 21.3R3-S3;
* 21.4 versions earlier than 21.4R3-S5;
* 22.1 versions earlier than 22.1R2-S2, 22.1R3;
* 22.2 versions earlier than 22.2R2-S1, 22.2R3.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-21600"
],
"details": "\nAn Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nWhen MPLS packets are meant to be sent to a flexible tunnel interface (FTI) and if the FTI tunnel is down, these will hit the reject NH, due to which the packets get sent to the CPU and cause a host path wedge condition. This will cause the FPC to hang and requires a manual restart to recover.\n\nPlease note that this issue specifically affects PTX1000, PTX3000, PTX5000 with FPC3, PTX10002-60C, and PTX10008/16 with LC110x. Other PTX Series devices and Line Cards (LC) are not affected.\n\nThe following log message can be seen when the issue occurs:\n\nCmerror Op Set: Host Loopback: HOST LOOPBACK WEDGE DETECTED IN PATH ID \u003cid\u003e (URI: /fpc/\u003cfpc\u003e/pfe/\u003cpfe\u003e/cm/\u003ccm\u003e/Host_Loopback/\u003ccm\u003e/HOST_LOOPBACK_MAKE_CMERROR_ID[\u003cid\u003e])\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.1 versions earlier than 21.1R3-S4;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R2-S2, 22.1R3;\n * 22.2 versions earlier than 22.2R2-S1, 22.2R3.\n\n\n\n\n\n\n",
"id": "GSD-2024-21600",
"modified": "2023-12-28T06:02:03.430675Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2024-21600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "20.4R3-S8"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "21.3",
"version_value": "21.3R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "21.4",
"version_value": "21.4R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "22.1",
"version_value": "22.1R2-S2, 22.1R3"
},
{
"version_affected": "\u003c",
"version_name": "22.2",
"version_value": "22.2R2-S1, 22.2R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTo be exposed to this issue FTI need to be configured:\u003c/p\u003e\u003ccode\u003e [ interfaces fti0 unit \u0026lt;unit\u0026gt; tunnel ... ]\u003c/code\u003e\u003cbr/\u003e"
}
],
"value": "To be exposed to this issue FTI need to be configured:\n\n [ interfaces fti0 unit \u003cunit\u003e tunnel ... ]\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\nAn Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nWhen MPLS packets are meant to be sent to a flexible tunnel interface (FTI) and if the FTI tunnel is down, these will hit the reject NH, due to which the packets get sent to the CPU and cause a host path wedge condition. This will cause the FPC to hang and requires a manual restart to recover.\n\nPlease note that this issue specifically affects PTX1000, PTX3000, PTX5000 with FPC3, PTX10002-60C, and PTX10008/16 with LC110x. Other PTX Series devices and Line Cards (LC) are not affected.\n\nThe following log message can be seen when the issue occurs:\n\nCmerror Op Set: Host Loopback: HOST LOOPBACK WEDGE DETECTED IN PATH ID \u003cid\u003e (URI: /fpc/\u003cfpc\u003e/pfe/\u003cpfe\u003e/cm/\u003ccm\u003e/Host_Loopback/\u003ccm\u003e/HOST_LOOPBACK_MAKE_CMERROR_ID[\u003cid\u003e])\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.1 versions earlier than 21.1R3-S4;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R2-S2, 22.1R3;\n * 22.2 versions earlier than 22.2R2-S1, 22.2R3.\n\n\n\n\n\n\n"
}
]
},
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"generator": {
"engine": "Vulnogram 0.1.0-av217"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-76",
"lang": "eng",
"value": "CWE-76 Improper Neutralization of Equivalent Special Elements"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://supportportal.juniper.net/JSA75741",
"refsource": "MISC",
"url": "https://supportportal.juniper.net/JSA75741"
},
{
"name": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"refsource": "MISC",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S8, 21.1R3-S4, 21.2R3-S6, 21.3R3-S3, 21.4R3-S5, 22.1R2-S2, 22.1R3, 22.2R2-S1, 22.2R3, 22.3R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S8, 21.1R3-S4, 21.2R3-S6, 21.3R3-S3, 21.4R3-S5, 22.1R2-S2, 22.1R3, 22.2R2-S1, 22.2R3, 22.3R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA75741",
"defect": [
"1653316"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe issue can be prevented by configuring a limit for reject packets via:\u003c/p\u003e\u003ccode\u003e [ system ddos-protection protocols reject aggregate bandwidth 20 ] \u003c/code\u003e\u003cbr/\u003e"
}
],
"value": "The issue can be prevented by configuring a limit for reject packets via:\n\n [ system ddos-protection protocols reject aggregate bandwidth 20 ] \n"
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "977DEF80-0DB5-4828-97AC-09BB3111D585",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\nAn Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nWhen MPLS packets are meant to be sent to a flexible tunnel interface (FTI) and if the FTI tunnel is down, these will hit the reject NH, due to which the packets get sent to the CPU and cause a host path wedge condition. This will cause the FPC to hang and requires a manual restart to recover.\n\nPlease note that this issue specifically affects PTX1000, PTX3000, PTX5000 with FPC3, PTX10002-60C, and PTX10008/16 with LC110x. Other PTX Series devices and Line Cards (LC) are not affected.\n\nThe following log message can be seen when the issue occurs:\n\nCmerror Op Set: Host Loopback: HOST LOOPBACK WEDGE DETECTED IN PATH ID \u003cid\u003e (URI: /fpc/\u003cfpc\u003e/pfe/\u003cpfe\u003e/cm/\u003ccm\u003e/Host_Loopback/\u003ccm\u003e/HOST_LOOPBACK_MAKE_CMERROR_ID[\u003cid\u003e])\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.1 versions earlier than 21.1R3-S4;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R2-S2, 22.1R3;\n * 22.2 versions earlier than 22.2R2-S1, 22.2R3.\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de neutralizaci\u00f3n inadecuada de elementos especiales equivalentes en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS en la serie PTX permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Cuando los paquetes MPLS deben enviarse a una interfaz de t\u00fanel flexible (FTI) y si el t\u00fanel FTI est\u00e1 inactivo, estos alcanzar\u00e1n el NH rechazado, debido a lo cual los paquetes se env\u00edan a la CPU y provocan una condici\u00f3n de cu\u00f1a en la ruta del host. Esto har\u00e1 que el FPC se bloquee y requiera un reinicio manual para recuperarse. Tenga en cuenta que este problema afecta espec\u00edficamente a PTX1000, PTX3000, PTX5000 con FPC3, PTX10002-60C y PTX10008/16 con LC110x. Otros dispositivos de la serie PTX y tarjetas de l\u00ednea (LC) no se ven afectados. El siguiente mensaje de registro se puede ver cuando ocurre el problema: Cmerror Op Set: Host Loopback: HOST LOOPBACK WEDGE DETECTED IN PATH ID (URI: /fpc//pfe//cm//Host_Loopback//HOST_LOOPBACK_MAKE_CMERROR_ID[]) Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S8; * Versiones 21.1 anteriores a 21.1R3-S4; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S3; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R2-S2, 22.1R3; * Versiones 22.2 anteriores a 22.2R2-S1, 22.2R3."
}
],
"id": "CVE-2024-21600",
"lastModified": "2024-01-19T22:57:21.587",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2024-01-12T01:15:47.857",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA75741"
},
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-76"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.