目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2024-21602— Juniper Networks Junos OS 和 Junos OS Evolved 安全漏洞

CVSS 7.5 · High EPSS 0.19% · P40
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2024-21602の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE
ソース: NVD (National Vulnerability Database)
脆弱性説明
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a specific IPv4 UDP packet is received and sent to the Routing Engine (RE) packetio crashes and restarts which causes a momentary traffic interruption. Continued receipt of such packets will lead to a sustained DoS. This issue does not happen with IPv6 packets. This issue affects Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L: * 21.4-EVO versions earlier than 21.4R3-S6-EVO; * 22.1-EVO versions earlier than 22.1R3-S5-EVO; * 22.2-EVO versions earlier than 22.2R2-S1-EVO, 22.2R3-EVO; * 22.3-EVO versions earlier than 22.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions earlier than 21.4R1-EVO.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
空指针解引用
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Juniper Networks Junos OS 和 Junos OS Evolved 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Juniper Networks Junos OS Evolved是Junos OS 的升级版系统。 Juniper Networks Junos OS 和 Junos OS Evol
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
Juniper NetworksJunos OS Evolved 21.4-EVO ~ 21.4R3-S6-EVO -

II. CVE-2024-21602の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2024-21602のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2024-01-12 · 23 CVEs total

CVE-2024-215919.8 CRITICALJunos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remot
CVE-2024-216167.5 HIGHJunos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allo
CVE-2024-216147.5 HIGHJunos OS and Junos OS Evolved: A specific query via DREND causes rpd crash
CVE-2024-216127.5 HIGHJunos OS Evolved: Specific TCP traffic causes OFP core and restart of RE
CVE-2024-216117.5 HIGHJunos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a mem
CVE-2024-216067.5 HIGHJunos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flo
CVE-2024-216047.5 HIGHJunos OS Evolved: A high rate of specific traffic will cause a complete system outage
CVE-2024-215957.5 HIGHJunos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic wil
CVE-2024-215897.4 HIGHParagon Active Assurance Control Center: Information disclosure vulnerability
CVE-2023-368426.5 MEDIUMJunos OS: jdhcpd will hang on receiving a specific DHCP packet
CVE-2024-216176.5 MEDIUMJunos OS: BGP flap on NSR-enabled devices causes memory leak
CVE-2024-215876.5 MEDIUMJunos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP su
CVE-2024-215996.5 MEDIUMJunos OS: MX Series: MPC3E memory leak with PTP configuration
CVE-2024-216006.5 MEDIUMJunos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a
CVE-2024-216036.5 MEDIUMJunos OS: MX Series: Gathering statistics in a scaled SCU/DCU configuration will lead to a
CVE-2024-216136.5 MEDIUMJunos OS and Junos OS Evolved: A link flap causes patroot memory leak which leads to rpd c
CVE-2024-216015.9 MEDIUMJunos OS: SRX Series: Due to an error in processing TCP events flowd will crash
CVE-2024-215855.9 MEDIUMJunos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd cras
CVE-2024-215945.5 MEDIUMJunos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd cra
CVE-2024-215975.3 MEDIUMJunos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters

Showing 20 of 23 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Junos OS Evolved
同じベンダー: Juniper Networks
同じ弱点: CWE-476

V. CVE-2024-21602へのコメント

まだコメントはありません

コメントを残す