2024-01-12 03:00:28 +00:00
{
"id" : "CVE-2024-21597" ,
"sourceIdentifier" : "sirt@juniper.net" ,
"published" : "2024-01-12T01:15:47.460" ,
2024-01-19 23:00:27 +00:00
"lastModified" : "2024-01-19T21:04:30.330" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2024-01-12 03:00:28 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "\nAn Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions.\n\nIn an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context.\n\nThis issue affects Juniper Networks Junos OS on MX Series:\n\n\n\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S3;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R3;\n * 22.2 versions earlier than 22.2R3;\n * 22.3 versions earlier than 22.3R2.\n\n\n\n\n\n\n"
2024-01-12 15:00:29 +00:00
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad de exposici\u00f3n de recursos a una esfera incorrecta en el Packet Forwarding Engine (PFE) de Juniper Networks Junos OS en la serie MX permite a un atacante no autenticado basado en la red eludir las restricciones de acceso previstas. En un escenario de Abstracted Fabric (AF), si se configuran instancias de enrutamiento (RI), el tr\u00e1fico v\u00e1lido espec\u00edfico destinado al dispositivo puede omitir los filtros de firewall lo0 configurados, ya que se recibe en el contexto de RI incorrecto. Este problema afecta a Juniper Networks Junos OS en la serie MX: * Todas las versiones anteriores a 20.4R3-S9; * Versiones 21.2 anteriores a 21.2R3-S3; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R3; * Versiones 22.2 anteriores a 22.2R3; * Versiones 22.3 anteriores a 22.3R2."
2024-01-12 03:00:28 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
2024-01-19 23:00:27 +00:00
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
} ,
2024-01-12 03:00:28 +00:00
{
"source" : "sirt@juniper.net" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.3 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 1.4
}
]
} ,
"weaknesses" : [
2024-01-19 23:00:27 +00:00
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-668"
}
]
} ,
2024-01-12 03:00:28 +00:00
{
"source" : "sirt@juniper.net" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-668"
}
]
}
] ,
2024-01-19 23:00:27 +00:00
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "3D361B23-A3C2-444B-BEB8-E231DA950567"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "037BA01C-3F5C-4503-A633-71765E9EF774"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C54B047C-4B38-40C0-9855-067DCF7E48BD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "38984199-E332-4A9C-A4C0-78083D052E15"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "09876787-A40A-4340-9C12-8628C325353B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "1981DE38-36B5-469D-917E-92717EE3ED53"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "65948ABC-22BB-46D5-8545-0806EDB4B86E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*" ,
"matchCriteriaId" : "283E41CB-9A90-4521-96DC-F31AA592CFD8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*" ,
"matchCriteriaId" : "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*" ,
"matchCriteriaId" : "977DEF80-0DB5-4828-97AC-09BB3111D585"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*" ,
"matchCriteriaId" : "C445622E-8E57-4990-A71A-E1993BFCB91A"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "A52AF794-B36B-43A6-82E9-628658624B0A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3998DC76-F72F-4452-9150-652140B113EB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "E596ABD9-6ECD-48DC-B770-87B7E62EA345"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "71745D02-D226-44DC-91AD-678C85F5E6FC"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "9962B01C-C57C-4359-9532-676AB81CE8B0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "62178549-B679-4902-BFDB-2993803B7FCE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "9AD697DF-9738-4276-94ED-7B9380CD09F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "09FF5818-0803-4646-A386-D7C645EE58A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "0CB280D8-C5D8-4B51-A879-496ACCDE4538"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A5B196A-2AF1-4AE5-9148-A75A572807BC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "3B457616-2D91-4913-9A7D-038BBF8F1F66"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "9D157211-535E-4B2D-B2FE-F697FAFDF65C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "E117E493-F4E1-4568-88E3-F243C74A2662"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "1B615DBA-8C53-41D4-B264-D3EED8578471"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "E949B21B-AD62-4022-9088-06313277479E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "8D862E6F-0D01-4B25-8340-888C30F75A2F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "19519212-51DD-4448-B115-8A20A40192CC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "FDE9E767-4713-4EA2-8D00-1382975A4A15"
}
]
}
]
}
] ,
2024-01-12 03:00:28 +00:00
"references" : [
{
"url" : "https://supportportal.juniper.net/JSA75738" ,
2024-01-19 23:00:27 +00:00
"source" : "sirt@juniper.net" ,
"tags" : [
"Vendor Advisory"
]
2024-01-12 03:00:28 +00:00
} ,
{
"url" : "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" ,
2024-01-19 23:00:27 +00:00
"source" : "sirt@juniper.net" ,
"tags" : [
"Third Party Advisory"
]
2024-01-12 03:00:28 +00:00
}
]
}
