

Rewterz Threat Alert – New Version of Atomic Stealer Uses Encrypted Payload to Target MacOS Users – Active IOCs
January 12, 2024
Rewterz Threat Advisory – Multiple Trend Micro Apex One and Apex One Zero Day Vulnerabilities
January 12, 2024
Severity
Medium
Analysis Summary
CVE-2024-21617 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an incomplete cleanup vulnerability in the Nonstop Active Routing (NSR) component. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21604 CVSS:7.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an allocation of resources without limits or throttling vulnerability in the kernel. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21599 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a missing release of memory after effective lifetime vulnerability in the Packet Forwarding Engine (PFE). By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21607 CVSS:5.3
Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by an unsupported feature in the UI vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to cause partial impact to the integrity of the device.
CVE-2024-21585 CVSS:5.9
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper handling of exceptional conditions vulnerability in BGP session processing. By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21600 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper neutralization of equivalent special elements vulnerability in the Packet Forwarding Engine (PFE). By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21606 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a double free vulnerability in the flow processing daemon (flowd). By sending specially crafted packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-21611 CVSS:7.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a missing release of memory after effective lifetime in the Routing Protocol Daemon (rpd). In a Juniper Flow Monitoring (jflow) scenario where route churn causes BGP next hops to be updated, a remote attacker could exploit this vulnerability to cause a slow memory leak and eventually a crash and restart of rpd.
Impact
- Denial of Service
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2024-21617
- CVE-2024-21604
- CVE-2024-21599
- CVE-2024-21607
- CVE-2024-21585
- CVE-2024-21600
- CVE-2024-21606
- CVE-2024-21611
Affected Vendors
Juniper
Affected Products
- Juniper Networks Junos OS
- Juniper Networks Junos OS Evolved
- Juniper Networks Junos OS 21.2
- Juniper Networks Junos OS 21.3
- Juniper Networks Junos OS 21.4
- Juniper Networks Junos OS 22.1
- Juniper Networks Junos OS 22.3
- Juniper Networks Junos OS 22.2
- Juniper Networks Junos OS 22.4
- Juniper Networks Junos OS Evolved 22.4
- Juniper Networks Junos OS Evolved 21.4
- Juniper Networks Junos OS Evolved 22.1
- Juniper Networks Junos OS Evolved 22.2
- Juniper Networks Junos OS on SRX Series
Remediation
Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.