CVE-2024-21616

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 12, 2024
Updated: Jan 19, 2024
CWE ID 1286

Summary

CVE-2024-21616 is an Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS) by continuously sending a specific SIP ALG packet to MX Series and SRX Series platforms with enabled SIP ALG. The issue affects Junos OS versions earlier than 21.2R3-S6, 21.3 versions earlier than 21.3R3-S5, and 21.4. To remediate the vulnerability, users can monitor NAT IP usage using the specified command. This vulnerability poses a potential danger to organizations as it could lead to a sustained DoS condition, disrupting network services and impacting business operations.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21616 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options