U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-21597

Change History

New CVE Received by NIST 1/11/2024 8:15:47 PM

Action Type Old Value New Value
Added CVSS V3.1

Juniper Networks, Inc. AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Added CWE

Juniper Networks, Inc. CWE-668
Added Description

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions.

In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context.

This issue affects Juniper Networks Junos OS on MX Series:

  *  All versions earlier than 20.4R3-S9;
  *  21.2 versions earlier than 21.2R3-S3;
  *  21.4 versions earlier than 21.4R3-S5;
  *  22.1 versions earlier than 22.1R3;
  *  22.2 versions earlier than 22.2R3;
  *  22.3 versions earlier than 22.3R2.

Added Reference

Juniper Networks, Inc. https://supportportal.juniper.net/JSA75738 [No types assigned]
Added Reference

Juniper Networks, Inc. https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N [No types assigned]