CVE-2024-21603
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-21603 is an Improper Check for Unusual or Exceptional Conditions vulnerability affecting Juniper Networks Junos OS on specific MX Series devices. A network-based attacker with low privileges can cause a denial of service (DoS) by exploiting this issue. The vulnerability lies in the handling of configuration statistics for Source class usage (SCU) and Destination class usage (DCU) in the kernel. If the statistics are gathered through specific SNMP requests or CLI commands, the device will restart, leading to a sustained DoS. This issue only affects MX Series devices with MPC10, MPC11, or LC9600, and MX304. Junos OS versions earlier than 20.4R3-S9, 21.2R3-S6, 21.3R3-S5, 21.4R3, 22.1R3, 22.2R2, and 22.3R2 are vulnerable to this exploit.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Juniper Junos
Affected Vendors
- Juniper Networks
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions