gsd-2024-21604
Vulnerability from gsd
Modified
2023-12-28 06:02
Details
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a high rate of specific valid packets are processed by the routing engine (RE) this will lead to a loss of connectivity of the RE with other components of the chassis and thereby a complete and persistent system outage. Please note that a carefully designed lo0 firewall filter will block or limit these packets which should prevent this issue from occurring. The following log messages can be seen when this issue occurs: <host> kernel: nf_conntrack: nf_conntrack: table full, dropping packet This issue affects Juniper Networks Junos OS Evolved: * All versions earlier than 20.4R3-S7-EVO; * 21.2R1-EVO and later versions; * 21.4-EVO versions earlier than 21.4R3-S5-EVO; * 22.1-EVO versions earlier than 22.1R3-S2-EVO; * 22.2-EVO versions earlier than 22.2R3-EVO; * 22.3-EVO versions earlier than 22.3R2-EVO; * 22.4-EVO versions earlier than 22.4R2-EVO.
Aliases



{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-21604"
      ],
      "details": "\nAn Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nIf a high rate of specific valid packets are processed by the routing engine (RE) this will lead to a loss of connectivity of the RE with other components of the chassis and thereby a complete and persistent system outage. Please note that a carefully designed lo0 firewall filter will block or limit these packets which should prevent this issue from occurring.\n\nThe following log messages can be seen when this issue occurs:\n\n\u003chost\u003e kernel: nf_conntrack: nf_conntrack: table full, dropping packet\nThis issue affects Juniper Networks Junos OS Evolved:\n\n\n\n  *  All versions earlier than 20.4R3-S7-EVO;\n  *  21.2R1-EVO and later versions;\n  *  21.4-EVO versions earlier than 21.4R3-S5-EVO;\n  *  22.1-EVO versions earlier than 22.1R3-S2-EVO;\n  *  22.2-EVO versions earlier than 22.2R3-EVO;\n  *  22.3-EVO versions earlier than 22.3R2-EVO;\n  *  22.4-EVO versions earlier than 22.4R2-EVO.\n\n\n\n\n\n\n",
      "id": "GSD-2024-21604",
      "modified": "2023-12-28T06:02:03.530997Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2024-21604",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS Evolved",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "0",
                          "version_value": "20.4R3-S7-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.2-EVO",
                          "version_value": "21.2*-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.4-EVO",
                          "version_value": "21.4R3-S5-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.1-EVO",
                          "version_value": "22.1R3-S2-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.2-EVO",
                          "version_value": "22.2R3-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.3-EVO",
                          "version_value": "22.3R2-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.4-EVO",
                          "version_value": "22.4R2-EVO"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "\nAn Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nIf a high rate of specific valid packets are processed by the routing engine (RE) this will lead to a loss of connectivity of the RE with other components of the chassis and thereby a complete and persistent system outage. Please note that a carefully designed lo0 firewall filter will block or limit these packets which should prevent this issue from occurring.\n\nThe following log messages can be seen when this issue occurs:\n\n\u003chost\u003e kernel: nf_conntrack: nf_conntrack: table full, dropping packet\nThis issue affects Juniper Networks Junos OS Evolved:\n\n\n\n  *  All versions earlier than 20.4R3-S7-EVO;\n  *  21.2R1-EVO and later versions;\n  *  21.4-EVO versions earlier than 21.4R3-S5-EVO;\n  *  22.1-EVO versions earlier than 22.1R3-S2-EVO;\n  *  22.2-EVO versions earlier than 22.2R3-EVO;\n  *  22.3-EVO versions earlier than 22.3R2-EVO;\n  *  22.4-EVO versions earlier than 22.4R2-EVO.\n\n\n\n\n\n\n"
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.1.0-av217"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-770",
                "lang": "eng",
                "value": "CWE-770 Allocation of Resources Without Limits or Throttling"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service (DoS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://supportportal.juniper.net/JSA75745",
            "refsource": "MISC",
            "url": "https://supportportal.juniper.net/JSA75745"
          },
          {
            "name": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
            "refsource": "MISC",
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S7-EVO, 21.4R3-S5-EVO, 22.1R3-S2-EVO, 22.2R3-EVO, 22.3R2-EVO, 22.4R2-EVO, 23.2R1-EVO, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S7-EVO, 21.4R3-S5-EVO, 22.1R3-S2-EVO, 22.2R3-EVO, 22.3R2-EVO, 22.4R2-EVO, 23.2R1-EVO, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA75745",
        "defect": [
          "1663122",
          "1712937"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eTo prevent the device from receiving high rates of valid traffic please configure firewall filters to block unexpected and even throttle expected traffic.\u003c/p\u003e"
            }
          ],
          "value": "To prevent the device from receiving high rates of valid traffic please configure firewall filters to block unexpected and even throttle expected traffic.\n\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
                    "matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
                    "matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
                    "matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
                    "matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
                    "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
                    "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
                    "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*",
                    "matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "E048A05D-882F-4B1C-BA32-3BBA3FEA31A3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "47E8D51D-1424-4B07-B036-E3E195F21AC2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
                    "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
                    "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
                    "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "\nAn Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nIf a high rate of specific valid packets are processed by the routing engine (RE) this will lead to a loss of connectivity of the RE with other components of the chassis and thereby a complete and persistent system outage. Please note that a carefully designed lo0 firewall filter will block or limit these packets which should prevent this issue from occurring.\n\nThe following log messages can be seen when this issue occurs:\n\n\u003chost\u003e kernel: nf_conntrack: nf_conntrack: table full, dropping packet\nThis issue affects Juniper Networks Junos OS Evolved:\n\n\n\n  *  All versions earlier than 20.4R3-S7-EVO;\n  *  21.2R1-EVO and later versions;\n  *  21.4-EVO versions earlier than 21.4R3-S5-EVO;\n  *  22.1-EVO versions earlier than 22.1R3-S2-EVO;\n  *  22.2-EVO versions earlier than 22.2R3-EVO;\n  *  22.3-EVO versions earlier than 22.3R2-EVO;\n  *  22.4-EVO versions earlier than 22.4R2-EVO.\n\n\n\n\n\n\n"
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en el kernel de Juniper Networks Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Si el motor de enrutamiento (RE) procesa una alta tasa de paquetes v\u00e1lidos espec\u00edficos, esto provocar\u00e1 una p\u00e9rdida de conectividad del RE con otros componentes del chasis y, por lo tanto, una interrupci\u00f3n completa y persistente del sistema. Tenga en cuenta que un filtro de firewall lo0 cuidadosamente dise\u00f1ado bloquear\u00e1 o limitar\u00e1 estos paquetes, lo que deber\u00eda evitar que ocurra este problema. Los siguientes mensajes de registro se pueden ver cuando ocurre este problema:  kernel: nf_conntrack: nf_conntrack: table full, dropping packet. Este problema afecta a Juniper Networks Junos OS Evolved: * Todas las versiones anteriores a 20.4R3-S7-EVO; * 21.2R1-EVO y versiones posteriores; * Versiones 21.4-EVO anteriores a 21.4R3-S5-EVO; * Versiones 22.1-EVO anteriores a 22.1R3-S2-EVO; * Versiones 22.2-EVO anteriores a 22.2R3-EVO; * Versiones 22.3-EVO anteriores a 22.3R2-EVO; * Versiones 22.4-EVO anteriores a 22.4R2-EVO."
          }
        ],
        "id": "CVE-2024-21604",
        "lastModified": "2024-01-19T22:56:35.733",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "sirt@juniper.net",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-01-12T01:15:48.677",
        "references": [
          {
            "source": "sirt@juniper.net",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://supportportal.juniper.net/JSA75745"
          },
          {
            "source": "sirt@juniper.net",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
          }
        ],
        "sourceIdentifier": "sirt@juniper.net",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-770"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-770"
              }
            ],
            "source": "sirt@juniper.net",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.