Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2024-21597

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions.

In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context.

This issue affects Juniper Networks Junos OS on MX Series:

  • All versions earlier than 20.4R3-S9;
  • 21.2 versions earlier than 21.2R3-S3;
  • 21.4 versions earlier than 21.4R3-S5;
  • 22.1 versions earlier than 22.1R3;
  • 22.2 versions earlier than 22.2R3;
  • 22.3 versions earlier than 22.3R2.
  • Published: Jan 12, 2024
  • Updated: Jan 20, 2024
  • CVE: CVE-2024-21597
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
juniper / junos 20.4-r1 20.4-r1.x
juniper / junos 20.4-r1-s1 20.4-r1-s1.x
juniper / junos 20.4-r2 20.4-r2.x
juniper / junos 20.4-r2-s1 20.4-r2-s1.x
juniper / junos 20.4-r3 20.4-r3.x
juniper / junos 20.4-r3-s1 20.4-r3-s1.x
juniper / junos 20.4-r2-s2 20.4-r2-s2.x
juniper / junos 20.4 20.4.x
juniper / junos 20.4-r3-s2 20.4-r3-s2.x
juniper / junos 20.4-r3-s3 20.4-r3-s3.x
juniper / junos 20.4-r3-s4 20.4-r3-s4.x
juniper / junos 20.4-r3-s5 20.4-r3-s5.x
juniper / junos 20.4-r3-s6 20.4-r3-s6.x
juniper / junos 20.4-r3-s7 20.4-r3-s7.x
juniper / junos 20.4-r3-s8 20.4-r3-s8.x
juniper / junos 21.2-r1 21.2-r1.x
juniper / junos 21.2-r1-s1 21.2-r1-s1.x
juniper / junos 21.2-r2 21.2-r2.x
juniper / junos 21.2 21.2.x
juniper / junos 21.2-r1-s2 21.2-r1-s2.x
juniper / junos 21.2-r2-s1 21.2-r2-s1.x
juniper / junos 21.2-r2-s2 21.2-r2-s2.x
juniper / junos 21.2-r3 21.2-r3.x
juniper / junos 21.2-r3-s2 21.2-r3-s2.x
juniper / junos 21.2-r3-s1 21.2-r3-s1.x
juniper / junos 21.4-r1-s1 21.4-r1-s1.x
juniper / junos 21.4-r1 21.4-r1.x
juniper / junos 21.4-r1-s2 21.4-r1-s2.x
juniper / junos 21.4-r2 21.4-r2.x
juniper / junos 21.4-r2-s1 21.4-r2-s1.x
juniper / junos 21.4 21.4.x
juniper / junos 21.4-r3 21.4-r3.x
juniper / junos 21.4-r2-s2 21.4-r2-s2.x
juniper / junos 21.4-r3-s1 21.4-r3-s1.x
juniper / junos 21.4-r3-s2 21.4-r3-s2.x
juniper / junos 21.4-r3-s3 21.4-r3-s3.x
juniper / junos 21.4-r3-s4 21.4-r3-s4.x
juniper / junos 22.1-r1 22.1-r1.x
juniper / junos 22.1-r1-s1 22.1-r1-s1.x
juniper / junos 22.1-r2 22.1-r2.x
juniper / junos 22.1-r1-s2 22.1-r1-s2.x
juniper / junos 22.1-r2-s2 22.1-r2-s2.x
juniper / junos 22.1-r2-s1 22.1-r2-s1.x
juniper / junos 22.1 22.1.x
juniper / junos 22.2-r1 22.2-r1.x
juniper / junos 22.2-r1-s1 22.2-r1-s1.x
juniper / junos 22.2-r2 22.2-r2.x
juniper / junos 22.2-r1-s2 22.2-r1-s2.x
juniper / junos 22.2-r2-s1 22.2-r2-s1.x
juniper / junos 22.2-r2-s2 22.2-r2-s2.x
juniper / junos 22.2 22.2.x
juniper / junos 22.3-r1 22.3-r1.x
juniper / junos 22.3-r1-s1 22.3-r1-s1.x
juniper / junos 22.3-r1-s2 22.3-r1-s2.x
juniper / junos 22.3 22.3.x