An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS Evolved platforms, when specific TCP packets are received on an open OFP port, the OFP crashes leading to a restart of Routine Engine (RE). Continuous receipt of these specific TCP packets will lead to a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved * All versions earlier than 21.2R3-S7-EVO; * 21.3 versions earlier than 21.3R3-S5-EVO ; * 21.4 versions earlier than 21.4R3-S5-EVO; * 22.1 versions earlier than 22.1R3-S4-EVO; * 22.2 versions earlier than 22.2R3-S3-EVO ; * 22.3 versions earlier than 22.3R3-EVO; * 22.4 versions earlier than 22.4R2-EVO, 22.4R3-EVO.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Juniper
  • Junos Os Evolved

Configuration 1 [-]

OR cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*

No data.

References
Link Providers
https://supportportal.juniper.net/JSA75753 cve-icon cve-icon
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-01-12T00:55:37.059Z

Updated: 2024-08-01T22:27:36.014Z

Reserved: 2023-12-27T19:38:25.709Z

Link: CVE-2024-21612

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-12T01:15:49.457

Modified: 2024-01-29T16:15:09.040

Link: CVE-2024-21612

cve-icon Redhat

No data.