CVE-2024-21594

{"id": "CVE-2024-21594", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-01-12T01:15:46.880", "references": [{"url": "https://supportportal.juniper.net/JSA75733", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "\nA Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS).\n\nOn an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash.\n\nThe NSD process has to be restarted to restore services.\n\nIf this issue occurs, it can be checked with the following command:\n\nuser@host> request security policies check\nThe following log message can also be observed:\n\nError: policies are out of sync for PFE node<number>.fpc<number>.pic<number>.\nThis issue affects:\n\nJuniper Networks Junos OS on SRX 5000 Series\n\n\n\n * All versions earlier than 20.4R3-S6;\n * 21.1 versions earlier than 21.1R3-S5;\n * 21.2 versions earlier than 21.2R3-S4;\n * 21.3 versions earlier than 21.3R3-S3;\n * 21.4 versions earlier than 21.4R3-S3;\n * 22.1 versions earlier than 22.1R3-S1;\n * 22.2 versions earlier than 22.2R3;\n * 22.3 versions earlier than 22.3R2.\n\n\n\n\n\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria en el Network Services Daemon (NSD) de Juniper Networks Junos OS permite que un atacante local autenticado y con pocos privilegios provoque una denegaci\u00f3n de servicio (DoS). En un dispositivo de la serie SRX 5000, al ejecutar un comando espec\u00edfico repetidamente, la memoria se da\u00f1a, lo que provoca un bloqueo del Flow Processing Daemon (flowd). El proceso NSD debe reiniciarse para restaurar los servicios. Si ocurre este problema, se puede verificar con el siguiente comando: usuario@host&gt; solicitar pol\u00edticas de seguridad verificar Tambi\u00e9n se puede observar el siguiente mensaje de registro: Error: policies are out of sync for PFE node.fpc.pic. Este problema afecta a: Juniper Networks Junos OS en la serie SRX 5000 * Todas las versiones anteriores a 20.4R3-S6; * Versiones 21.1 anteriores a 21.1R3-S5; * Versiones 21.2 anteriores a 21.2R3-S4; * Versiones 21.3 anteriores a 21.3R3-S3; * Versiones 21.4 anteriores a 21.4R3-S3; * Versiones 22.1 anteriores a 22.1R3-S1; * Versiones 22.2 anteriores a 22.2R3; * Versiones 22.3 anteriores a 22.3R2."}], "lastModified": "2024-01-18T20:14:10.903", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3A96966-5060-4139-A124-D4E2C879FD6C", "versionEndExcluding": "20.4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}