gsd-2024-21617
Vulnerability from gsd
Modified
2023-12-28 06:02
Details
An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS). On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services. The memory usage can be monitored using the below commands. user@host> show chassis routing-engine no-forwarding user@host> show system memory | no-more This issue affects: Juniper Networks Junos OS * 21.2 versions earlier than 21.2R3-S5; * 21.3 versions earlier than 21.3R3-S4; * 21.4 versions earlier than 21.4R3-S4; * 22.1 versions earlier than 22.1R3-S2; * 22.2 versions earlier than 22.2R3-S2; * 22.3 versions earlier than 22.3R2-S1, 22.3R3; * 22.4 versions earlier than 22.4R1-S2, 22.4R2. This issue does not affect Junos OS versions earlier than 20.4R3-S7.
Aliases



{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-21617"
      ],
      "details": "\nAn Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS).\n\nOn all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services.\n\nThe memory usage can be monitored using the below commands.\n\nuser@host\u003e show chassis routing-engine no-forwarding\nuser@host\u003e show system memory | no-more\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n  *  21.2 versions earlier than 21.2R3-S5;\n  *  21.3 versions earlier than 21.3R3-S4;\n  *  21.4 versions earlier than 21.4R3-S4;\n  *  22.1 versions earlier than 22.1R3-S2;\n  *  22.2 versions earlier than 22.2R3-S2;\n  *  22.3 versions earlier than 22.3R2-S1, 22.3R3;\n  *  22.4 versions earlier than 22.4R1-S2, 22.4R2.\n\n\n\n\nThis issue does not affect Junos OS versions earlier than 20.4R3-S7.\n\n\n\n",
      "id": "GSD-2024-21617",
      "modified": "2023-12-28T06:02:03.430351Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2024-21617",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "unaffected",
                            "versions": [
                              {
                                "lessThan": "21.2R3-S5",
                                "status": "affected",
                                "version": "21.2",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "21.3R3-S4",
                                "status": "affected",
                                "version": "21.3",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "21.4R3-S4",
                                "status": "affected",
                                "version": "21.4",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "22.1R3-S2",
                                "status": "affected",
                                "version": "22.1",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "22.2R3-S2",
                                "status": "affected",
                                "version": "22.2",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "22.3R2-S1, 22.3R3",
                                "status": "affected",
                                "version": "22.3",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "22.4R1-S2, 22.4R2",
                                "status": "affected",
                                "version": "22.4",
                                "versionType": "semver"
                              },
                              {
                                "lessThan": "20.4R3-S7",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "semver"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eTo be exposed to this issue non-stop routing (NSR) needs to be configured:\u003c/p\u003e\u003ccode\u003e  [routing-options nonstop-routing]\u003c/code\u003e\u003cbr/\u003e"
            }
          ],
          "value": "To be exposed to this issue non-stop routing (NSR) needs to be configured:\n\n  [routing-options nonstop-routing]\n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "\nAn Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS).\n\nOn all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services.\n\nNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\nThe memory usage can be monitored using the below commands.\n\nuser@host\u003e show chassis routing-engine no-forwarding\nuser@host\u003e show system memory | no-more\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n  *  21.2 versions earlier than 21.2R3-S5;\n  *  21.3 versions earlier than 21.3R3-S4;\n  *  21.4 versions earlier than 21.4R3-S4;\n  *  22.1 versions earlier than 22.1R3-S2;\n  *  22.2 versions earlier than 22.2R3-S2;\n  *  22.3 versions earlier than 22.3R2-S1, 22.3R3;\n  *  22.4 versions earlier than 22.4R1-S2, 22.4R2.\n\n\n\n\nThis issue does not affect Junos OS versions earlier than 20.4R3-S7.\n\n\n\n"
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.1.0-av217"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-459",
                "lang": "eng",
                "value": "CWE-459 Incomplete Cleanup"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service (DoS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://supportportal.juniper.net/JSA75758",
            "refsource": "MISC",
            "url": "https://supportportal.juniper.net/JSA75758"
          },
          {
            "name": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "refsource": "MISC",
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S4, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S4, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA75758",
        "defect": [
          "1711656"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
            }
          ],
          "value": "There are no known workarounds for this issue.\n\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
                    "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
                    "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
                    "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
                    "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
                    "matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
                    "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
                    "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*",
                    "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
                    "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
                    "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
                    "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
                    "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
                    "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
                    "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
                    "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
                    "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "\nAn Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS).\n\nOn all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services.\n\nNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\nThe memory usage can be monitored using the below commands.\n\nuser@host\u003e show chassis routing-engine no-forwarding\nuser@host\u003e show system memory | no-more\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n  *  21.2 versions earlier than 21.2R3-S5;\n  *  21.3 versions earlier than 21.3R3-S4;\n  *  21.4 versions earlier than 21.4R3-S4;\n  *  22.1 versions earlier than 22.1R3-S2;\n  *  22.2 versions earlier than 22.2R3-S2;\n  *  22.3 versions earlier than 22.3R2-S1, 22.3R3;\n  *  22.4 versions earlier than 22.4R1-S2, 22.4R2.\n\n\n\n\nThis issue does not affect Junos OS versions earlier than 20.4R3-S7.\n\n\n\n"
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad de limpieza incompleta en el componente Nonstop active routing (NSR) de Juniper Networks Junos OS permite que un atacante adyacente no autenticado cause una p\u00e9rdida de memoria que provoque una denegaci\u00f3n de servicio (DoS). En todas las plataformas Junos OS, cuando NSR est\u00e1 habilitado, un fallo de BGP provocar\u00e1 una p\u00e9rdida de memoria. Un reinicio manual del sistema restaurar\u00e1 los servicios. El uso de la memoria se puede monitorear usando los siguientes comandos. user@host\u0026gt; show chassis routing-engine no-forwarding user@host\u0026gt; show system memory | no-more. Este problema afecta a: Juniper Networks Junos OS * versiones 21.2 anteriores a 21.2R3-S5; * Versiones 21.3 anteriores a 21.3R3-S4; * Versiones 21.4 anteriores a 21.4R3-S4; * Versiones 22.1 anteriores a 22.1R3-S2; * Versiones 22.2 anteriores a 22.2R3-S2; * Versiones 22.3 anteriores a 22.3R2-S1, 22.3R3; * Versiones 22.4 anteriores a 22.4R1-S2, 22.4R2. Este problema no afecta a las versiones de Junos OS anteriores a la 20.4R3-S7."
          }
        ],
        "id": "CVE-2024-21617",
        "lastModified": "2024-01-26T00:15:07.990",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 3.6,
              "source": "sirt@juniper.net",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-01-12T01:15:50.230",
        "references": [
          {
            "source": "sirt@juniper.net",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://supportportal.juniper.net/JSA75758"
          },
          {
            "source": "sirt@juniper.net",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
          }
        ],
        "sourceIdentifier": "sirt@juniper.net",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-459"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-459"
              }
            ],
            "source": "sirt@juniper.net",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.