mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
209 lines
9.8 KiB
JSON
209 lines
9.8 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-21617",
|
|
"ASSIGNER": "sirt@juniper.net",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "\nAn Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service (DoS).\n\nOn all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual reboot of the system will restore the services.\n\nNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\nThe memory usage can be monitored using the below commands.\n\nuser@host> show chassis routing-engine no-forwarding\nuser@host> show system memory | no-more\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n * 21.2 versions earlier than 21.2R3-S5;\n * 21.3 versions earlier than 21.3R3-S4;\n * 21.4 versions earlier than 21.4R3-S4;\n * 22.1 versions earlier than 22.1R3-S2;\n * 22.2 versions earlier than 22.2R3-S2;\n * 22.3 versions earlier than 22.3R2-S1, 22.3R3;\n * 22.4 versions earlier than 22.4R1-S2, 22.4R2.\n\n\n\n\nThis issue does not affect Junos OS versions earlier than 20.4R3-S7.\n\n\n\n"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-459 Incomplete Cleanup",
|
|
"cweId": "CWE-459"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Denial of Service (DoS)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Juniper Networks",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Junos OS",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"lessThan": "21.2R3-S5",
|
|
"status": "affected",
|
|
"version": "21.2",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "21.3R3-S4",
|
|
"status": "affected",
|
|
"version": "21.3",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "21.4R3-S4",
|
|
"status": "affected",
|
|
"version": "21.4",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "22.1R3-S2",
|
|
"status": "affected",
|
|
"version": "22.1",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "22.2R3-S2",
|
|
"status": "affected",
|
|
"version": "22.2",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "22.3R2-S1, 22.3R3",
|
|
"status": "affected",
|
|
"version": "22.3",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "22.4R1-S2, 22.4R2",
|
|
"status": "affected",
|
|
"version": "22.4",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"lessThan": "20.4R3-S7",
|
|
"status": "unaffected",
|
|
"version": "0",
|
|
"versionType": "semver"
|
|
}
|
|
],
|
|
"defaultStatus": "unaffected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://supportportal.juniper.net/JSA75758",
|
|
"refsource": "MISC",
|
|
"name": "https://supportportal.juniper.net/JSA75758"
|
|
},
|
|
{
|
|
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
|
|
"refsource": "MISC",
|
|
"name": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-av217"
|
|
},
|
|
"source": {
|
|
"advisory": "JSA75758",
|
|
"defect": [
|
|
"1711656"
|
|
],
|
|
"discovery": "USER"
|
|
},
|
|
"configuration": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<p>To be exposed to this issue non-stop routing (NSR) needs to be configured:</p><code> [routing-options nonstop-routing]</code><br/>"
|
|
}
|
|
],
|
|
"value": "To be exposed to this issue non-stop routing (NSR) needs to be configured:\n\n [routing-options nonstop-routing]\n"
|
|
}
|
|
],
|
|
"work_around": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<p>There are no known workarounds for this issue.</p>"
|
|
}
|
|
],
|
|
"value": "There are no known workarounds for this issue.\n\n"
|
|
}
|
|
],
|
|
"exploit": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"
|
|
}
|
|
],
|
|
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
|
|
}
|
|
],
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<p>The following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S4, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.</p>"
|
|
}
|
|
],
|
|
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S4, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.\n\n"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |