CVE-2024-21604

{"id": "CVE-2024-21604", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-01-12T01:15:48.677", "references": [{"url": "https://supportportal.juniper.net/JSA75745", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://supportportal.juniper.net/JSA75745", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "\nAn Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nIf a high rate of specific valid packets are processed by the routing engine (RE) this will lead to a loss of connectivity of the RE with other components of the chassis and thereby a complete and persistent system outage. Please note that a carefully designed lo0 firewall filter will block or limit these packets which should prevent this issue from occurring.\n\nThe following log messages can be seen when this issue occurs:\n\n<host> kernel: nf_conntrack: nf_conntrack: table full, dropping packet\nThis issue affects Juniper Networks Junos OS Evolved:\n\n\n\n * All versions earlier than 20.4R3-S7-EVO;\n * 21.2R1-EVO and later versions;\n * 21.4-EVO versions earlier than 21.4R3-S5-EVO;\n * 22.1-EVO versions earlier than 22.1R3-S2-EVO;\n * 22.2-EVO versions earlier than 22.2R3-EVO;\n * 22.3-EVO versions earlier than 22.3R2-EVO;\n * 22.4-EVO versions earlier than 22.4R2-EVO.\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en el kernel de Juniper Networks Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Si el motor de enrutamiento (RE) procesa una alta tasa de paquetes v\u00e1lidos espec\u00edficos, esto provocar\u00e1 una p\u00e9rdida de conectividad del RE con otros componentes del chasis y, por lo tanto, una interrupci\u00f3n completa y persistente del sistema. Tenga en cuenta que un filtro de firewall lo0 cuidadosamente dise\u00f1ado bloquear\u00e1 o limitar\u00e1 estos paquetes, lo que deber\u00eda evitar que ocurra este problema. Los siguientes mensajes de registro se pueden ver cuando ocurre este problema: kernel: nf_conntrack: nf_conntrack: table full, dropping packet. Este problema afecta a Juniper Networks Junos OS Evolved: * Todas las versiones anteriores a 20.4R3-S7-EVO; * 21.2R1-EVO y versiones posteriores; * Versiones 21.4-EVO anteriores a 21.4R3-S5-EVO; * Versiones 22.1-EVO anteriores a 22.1R3-S2-EVO; * Versiones 22.2-EVO anteriores a 22.2R3-EVO; * Versiones 22.3-EVO anteriores a 22.3R2-EVO; * Versiones 22.4-EVO anteriores a 22.4R2-EVO."}], "lastModified": "2024-11-21T08:54:42.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E048A05D-882F-4B1C-BA32-3BBA3FEA31A3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47E8D51D-1424-4B07-B036-E3E195F21AC2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}