CVE-2024-21604

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 12, 2024
Updated: Jan 19, 2024
CWE ID 770

Summary

CVE-2024-21604 is a vulnerability that affects Juniper Networks Junos OS Evolved. It is an Allocation of Resources Without Limits or Throttling vulnerability that allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS) by sending a high rate of specific valid packets to the routing engine. This can result in a loss of connectivity and a complete system outage. The issue can be mitigated by using a carefully designed lo0 firewall filter to block or limit these packets. The affected versions include all versions earlier than 20.4R3-S7-EVO, 21.2R1-EVO and later versions, 21.4-EVO versions earlier than 21.4R3-S5-EVO, 22.1-EVO versions earlier than 22.1R3-S2-EVO, and 22.2-EVO versions earlier than 22.2R3-EVO. The vulnerability has a base severity rating of HIGH and poses a potential danger to organizations as it could lead to a complete and persistent system outage if exploited by an attacker with network access.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21604 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options