{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-21586",
        "ASSIGNER": "sirt@juniper.net",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nIf an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart.  Continued receipt and processing of this traffic will create a sustained DoS condition.\n\nThis issue affects Junos OS on SRX Series:\n\n  *  21.4 versions before 21.4R3-S7.9,\n  *  22.1 versions before 22.1R3-S5.3,\n  *  22.2 versions before 22.2R3-S4.11,\n  *  22.3 versions before 22.3R3,\n  *  22.4 versions before 22.4R3.\n\n\n\n\n\n\nThis issue affects Junos OS on NFX Series:\n\n  *  21.4 versions before 21.4R3-S8,\n  *  22.1 versions after 22.1R1,\n  *  22.2 versions before 22.2R3-S5,\n  *  22.3 versions before 22.3R3,\n  *  22.4 versions before 22.4R3.\n\n\n\n\n\n\nJunos OS versions prior to 21.4R1 are not affected by this issue."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                        "cweId": "CWE-754"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Juniper Networks",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Junos OS",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "lessThan": "21.4R1",
                                                        "status": "unaffected",
                                                        "version": "0",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "21.4R3-S7.9",
                                                        "status": "affected",
                                                        "version": "21.4",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.1R3-S5.3",
                                                        "status": "affected",
                                                        "version": "22.1",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.2R3-S4.11",
                                                        "status": "affected",
                                                        "version": "22.2",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.3R3",
                                                        "status": "affected",
                                                        "version": "22.3",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.4R3",
                                                        "status": "affected",
                                                        "version": "22.4",
                                                        "versionType": "semver"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        },
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "lessThan": "21.4R1",
                                                        "status": "unaffected",
                                                        "version": "0",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "21.4R3-S8",
                                                        "status": "affected",
                                                        "version": "21.4",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "status": "affected",
                                                        "version": "22.1"
                                                    },
                                                    {
                                                        "lessThan": "22.2R3-S5",
                                                        "status": "affected",
                                                        "version": "22.2",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.3R3",
                                                        "status": "affected",
                                                        "version": "22.3",
                                                        "versionType": "semver"
                                                    },
                                                    {
                                                        "lessThan": "22.4R3",
                                                        "status": "affected",
                                                        "version": "22.4",
                                                        "versionType": "semver"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://supportportal.juniper.net/JSA83195",
                "refsource": "MISC",
                "name": "https://supportportal.juniper.net/JSA83195"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "advisory": "JSA83195",
        "defect": [
            "1719594"
        ],
        "discovery": "USER"
    },
    "work_around": [
        {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
        }
    ],
    "exploit": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.&nbsp;However, multiple occurrences of this issue have been reported in production."
                }
            ],
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u00a0However, multiple occurrences of this issue have been reported in production."
        }
    ],
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "\n\nThe following software releases have been updated to resolve this specific issue: <br>SRX Series: 21.4R3-S7.<strong>9</strong>, 22.1R3-S5.<strong>3</strong>, 22.2R3-S4.<strong>11</strong>, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;<br>NFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.<br>* Pending publication.<br><br>Please note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\n\n"
                }
            ],
            "value": "\nThe following software releases have been updated to resolve this specific issue: \nSRX Series: 21.4R3-S7.9, 22.1R3-S5.3, 22.2R3-S4.11, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases;\nNFX Series: 21.4R3-S8, 22.2R3-S5*, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.\n* Pending publication.\n\nPlease note that the software versions 21.4R3-S7.9, 22.1R3-S5.3 and 22.2R3-S4.11 are respins of previously released versions, so special attention needs to be paid to the last digits of the version number.\n\n"
        }
    ],
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
            }
        ]
    }
}