{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21594", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2023-12-27T19:38:25.704Z", "datePublished": "2024-01-12T00:52:18.218Z", "dateUpdated": "2024-08-01T22:27:35.525Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["SRX 5000 Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "20.4R3-S6", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.1R3-S5", "status": "affected", "version": "21.1", "versionType": "semver"}, {"lessThan": "21.2R3-S4", "status": "affected", "version": "21.2", "versionType": "semver"}, {"lessThan": "21.3R3-S3", "status": "affected", "version": "21.3", "versionType": "semver"}, {"lessThan": "21.4R3-S3", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.1R3-S1", "status": "affected", "version": "22.1", "versionType": "semver"}, {"lessThan": "22.2R3", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R2", "status": "affected", "version": "22.3", "versionType": "semver"}]}], "datePublic": "2024-01-10T17:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS).</p><p>On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash.</p><p>The NSD process has to be restarted to restore services.</p><p>If this issue occurs, it can be checked with the following command:</p><code>user@host&gt; request security policies check</code><br><p>The following log message can also be observed:</p><code>Error: policies are out of sync for PFE node&lt;number&gt;.fpc&lt;number&gt;.pic&lt;number&gt;.</code><br><p>This issue affects:</p><p>Juniper Networks Junos OS on SRX 5000 Series</p><p></p><ul><li>All versions earlier than 20.4R3-S6;</li><li>21.1 versions earlier than 21.1R3-S5;</li><li>21.2 versions earlier than 21.2R3-S4;</li><li>21.3 versions earlier than 21.3R3-S3;</li><li>21.4 versions earlier than 21.4R3-S3;</li><li>22.1 versions earlier than 22.1R3-S1;</li><li>22.2 versions earlier than 22.2R3;</li><li>22.3 versions earlier than 22.3R2.</li></ul><p></p>\n\n"}], "value": "\nA Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS).\n\nOn an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash.\n\nThe NSD process has to be restarted to restore services.\n\nIf this issue occurs, it can be checked with the following command:\n\nuser@host> request security policies check\nThe following log message can also be observed:\n\nError: policies are out of sync for PFE node<number>.fpc<number>.pic<number>.\nThis issue affects:\n\nJuniper Networks Junos OS on SRX 5000 Series\n\n\n\n * All versions earlier than 20.4R3-S6;\n * 21.1 versions earlier than 21.1R3-S5;\n * 21.2 versions earlier than 21.2R3-S4;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S3;\n * 22.1 versions earlier than 22.1R3-S1;\n * 22.2 versions earlier than 22.2R3;\n * 22.3 versions earlier than 22.3R2.\n\n\n\n\n\n\n"}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-01-12T00:52:18.218Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA75733"}, {"tags": ["technical-description"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S3, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.4R1, 22.4R2, 23.1R1, and all subsequent releases.</p>"}], "value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S3, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.4R1, 22.4R2, 23.1R1, and all subsequent releases.\n\n"}], "source": {"advisory": "JSA75733", "defect": ["1694960"], "discovery": "USER"}, "timeline": [{"lang": "en", "time": "2024-01-10T17:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>"}], "value": "There are no known workarounds for this issue.\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-av217"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:35.525Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA75733"}, {"tags": ["technical-description", "x_transferred"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C", "versionEndExcluding": "20.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nA Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS).\n\nOn an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash.\n\nThe NSD process has to be restarted to restore services.\n\nIf this issue occurs, it can be checked with the following command:\n\nuser@host> request security policies check\nThe following log message can also be observed:\n\nError: policies are out of sync for PFE node<number>.fpc<number>.pic<number>.\nThis issue affects:\n\nJuniper Networks Junos OS on SRX 5000 Series\n\n\n\n * All versions earlier than 20.4R3-S6;\n * 21.1 versions earlier than 21.1R3-S5;\n * 21.2 versions earlier than 21.2R3-S4;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S3;\n * 22.1 versions earlier than 22.1R3-S1;\n * 22.2 versions earlier than 22.2R3;\n * 22.3 versions earlier than 22.3R2.\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria en el Network Services Daemon (NSD) de Juniper Networks Junos OS permite que un atacante local autenticado y con pocos privilegios provoque una denegaci\u00f3n de servicio (DoS). En un dispositivo de la serie SRX 5000, al ejecutar un comando espec\u00edfico repetidamente, la memoria se da\u00f1a, lo que provoca un bloqueo del Flow Processing Daemon (flowd). El proceso NSD debe reiniciarse para restaurar los servicios. Si ocurre este problema, se puede verificar con el siguiente comando: usuario@host&gt; solicitar pol\u00edticas de seguridad verificar Tambi\u00e9n se puede observar el siguiente mensaje de registro: Error: policies are out of sync for PFE node.fpc.pic. Este problema afecta a: Juniper Networks Junos OS en la serie SRX 5000 * Todas las versiones anteriores a 20.4R3-S6; * Versiones 21.1 anteriores a 21.1R3-S5; * Versiones 21.2 anteriores a 21.2R3-S4; * Versiones 21.3 anteriores a 21.3R3-S3; * Versiones 21.4 anteriores a 21.4R3-S3; * Versiones 22.1 anteriores a 22.1R3-S1; * Versiones 22.2 anteriores a 22.2R3; * Versiones 22.3 anteriores a 22.3R2."}], "id": "CVE-2024-21594", "lastModified": "2024-01-18T20:14:10.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-01-12T01:15:46.880", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://supportportal.juniper.net/JSA75733"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-122"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}