CVE-2024-21593

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 12, 2024
Updated: May 16, 2024
CWE ID 703

Summary

CVE-2024-21593 is an Improper Check or Handling of Exceptional Conditions vulnerability impacting Juniper Networks Junos OS and Junos OS Evolved. This issue permits an unauthenticated, adjacent attacker to initiate a Denial of Service (DoS) by sending a specific MPLS packet that causes an internal loop and crashes the Packet Forwarding Engine (PFE). Continuous transmission of these packets results in a sustained DoS condition. This vulnerability is only applicable to MX Series with MPC10, MPC11, LC9600, and MX304, and specifically affects Juniper Networks Junos OS in versions 21.4R3 and earlier, 22.2R2 and earlier, 22.3R1 and earlier, 22.3R3, and 22.4R1 and earlier. Users are recommended to update their systems to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Juniper Junos

Affected Vendors

  • Juniper Networks