{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-21590","assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","state":"PUBLISHED","assignerShortName":"juniper","dateReserved":"2023-12-27T19:38:25.704Z","datePublished":"2024-04-12T14:53:49.366Z","dateUpdated":"2024-08-01T22:27:34.794Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Junos OS Evolved","vendor":"Juniper Networks","versions":[{"lessThan":"21.2R3-S8-EVO","status":"affected","version":"0","versionType":"semver"},{"lessThan":"21.4R3-S6-EVO","status":"affected","version":"21.4-EVO","versionType":"semver"},{"lessThan":"22.2R3-S4-EVO","status":"affected","version":"22.2-EVO","versionType":"semver"},{"lessThan":"22.3R3-S3-EVO","status":"affected","version":"22.3-EVO","versionType":"semver"},{"lessThan":"22.4R3-EVO","status":"affected","version":"22.4-EVO","versionType":"semver"},{"lessThan":"23.2R2-EVO","status":"affected","version":"23.2-EVO","versionType":"semver"},{"lessThan":"23.4R1-S1-EVO","status":"affected","version":"23.4-EVO","versionType":"semver"}]}],"datePublic":"2024-04-10T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS).&nbsp;<br><br>When specifically crafted transit MPLS IPv4 packets are received by the Packet Forwarding Engine (PFE), these packets are internally forwarded to the RE.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">Continued receipt of these packets may create a sustained Denial of Service (DoS) condition.</span><br><br>This issue affects Juniper Networks Junos OS:<br><br><ul><li>All versions before 21.2R3-S8-EVO;</li><li>from 21.4-EVO before 21.4R3-S6-EVO;</li><li>from 22.2-EVO before 22.2R3-S4-EVO;</li><li>from 22.3-EVO before 22.3R3-S3-EVO;</li><li>from 22.4-EVO before 22.4R3-EVO;</li><li>from 23.2-EVO before 23.2R2-EVO.</li><li>from 23.4-EVO before 23.4R1-S1-EVO.</li></ul>"}],"value":"An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS). \n\nWhen specifically crafted transit MPLS IPv4 packets are received by the Packet Forwarding Engine (PFE), these packets are internally forwarded to the RE. Continued receipt of these packets may create a sustained Denial of Service (DoS) condition.\n\nThis issue affects Juniper Networks Junos OS:\n\n  *  All versions before 21.2R3-S8-EVO;\n  *  from 21.4-EVO before 21.4R3-S6-EVO;\n  *  from 22.2-EVO before 22.2R3-S4-EVO;\n  *  from 22.3-EVO before 22.3R3-S3-EVO;\n  *  from 22.4-EVO before 22.4R3-EVO;\n  *  from 23.2-EVO before 23.2R2-EVO.\n  *  from 23.4-EVO before 23.4R1-S1-EVO."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"}],"value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"ADJACENT","baseScore":7.1,"baseSeverity":"HIGH","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]},{"descriptions":[{"description":"Denial of Service","lang":"en"}]}],"providerMetadata":{"orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper","dateUpdated":"2024-05-16T20:04:36.603Z"},"references":[{"tags":["vendor-advisory"],"url":"https://supportportal.juniper.net/JSA75728"},{"tags":["technical-description"],"url":"https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>The following software releases have been updated to resolve this specific issue: </p><p>Junos OS Evolved:21.2R3-S8-EVO, 21.4R3-S6-EVO, 22.2R3-S4-EVO, <span style=\"background-color: rgb(255, 255, 255);\">22.3R3-S3-EVO,&nbsp;</span>22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 24.1R1-EVO and all subsequent releases.<br></p><div><div><div><br></div></div></div><br>"}],"value":"The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved:21.2R3-S8-EVO, 21.4R3-S6-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 24.1R1-EVO and all subsequent releases."}],"source":{"advisory":"JSA75728","defect":["1731219"],"discovery":"INTERNAL"},"timeline":[{"lang":"en","time":"2024-04-10T16:00:00.000Z","value":"Initial Publication"}],"title":"Junos OS Evolved: Packets which are not destined to the device can reach the RE","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>There are no known workarounds for this issue.</p>"}],"value":"There are no known workarounds for this issue."}],"x_generator":{"engine":"Vulnogram 0.1.0-av217"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-21590","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-17T13:04:27.027073Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:37:31.458Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T22:27:34.794Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://supportportal.juniper.net/JSA75728"},{"tags":["technical-description","x_transferred"],"url":"https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"}]}]}}