{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39551", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-06-25T15:12:53.246Z", "datePublished": "2024-07-11T16:29:46.607Z", "dateUpdated": "2024-08-02T04:26:15.947Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["SRX Series", "MX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "20.4R3-S10", "status": "affected", "version": "20.4", "versionType": "semver"}, {"lessThan": "21.2R3-S6", "status": "affected", "version": "21.2", "versionType": "semver"}, {"lessThan": "21.3R3-S5", "status": "affected", "version": "21.3", "versionType": "semver"}, {"lessThan": "21.4R3-S6", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.1R3-S4", "status": "affected", "version": "22.1", "versionType": "semver"}, {"lessThan": "22.2R3-S2", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R3-S1", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R3", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2", "status": "affected", "version": "23.2", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration.</p><p>Please verify on SRX with:</p><code> user@host> show security alg status | match sip</code><br><code> SIP : Enabled</code><br><p>Please verify on MX whether the following is configured:</p><code> user@host> show security alg status | match sip</code><br><code> SIP : Enabled</code><br><code> [services ... 
rule <rule-name> (term <term-name> ) from/match application/application-set <name>]</code><br><p>where either</p><code> a. name = junos-sip</code><br><p>or an application or application-set refers to SIP:</p><code> b. [applications application <name> application-protocol sip]</code><br><p>or</p><code> c. [applications application-set <name> application junos-sip]</code><br>"}], "value": "To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration.\n\nPlease verify on SRX with:\n\n user@host> show security alg status | match sip\n SIP : Enabled\nPlease verify on MX whether the following is configured:\n\n user@host> show security alg status | match sip\n SIP : Enabled\n [services ... rule <rule-name> (term <term-name> ) from/match application/application-set <name>]\nwhere either\n\n a. name = junos-sip\nor an application or application-set refers to SIP:\n\n b. [applications application <name> application-protocol sip]\nor\n\n c. [applications application-set <name> application junos-sip]"}], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). 
<br><br>Continued receipt and processing of these specific packets will sustain the Denial of Service condition.<br><br>The memory usage can be monitored using the below command.<br><br><span style=\"background-color: var(--wht);\">\u2003\u2003user@host> show usp memory segment sha data objcache jsf </span><br><p>This issue affects SRX Series and MX Series with SPC3 and MS-MPC/MIC: </p><ul><li>\u200320.4 before 20.4R3-S10, </li><li>\u200321.2 before 21.2R3-S6, </li><li>\u200321.3 before 21.3R3-S5, </li><li>\u200321.4 before 21.4R3-S6, </li><li>\u200322.1 before 22.1R3-S4, </li><li>\u200322.2 before 22.2R3-S2, </li><li>\u200322.3 before 22.3R3-S1, </li><li>\u200322.4 before 22.4R3, </li><li><span style=\"background-color: var(--darkreader-bg--wht);\">\u200323.2 before 23.2R2.</span><br></li></ul><p></p>"}], "value": "An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of\u00a0 Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an\u00a0unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS).\u00a0\n\nContinued receipt and processing of these specific packets will sustain the Denial of Service condition.\n\nThe memory usage can be monitored using the below command.\n\n\u2003\u2003user@host> show usp memory segment sha data objcache jsf\u00a0\nThis issue affects SRX Series and MX Series with SPC3 and MS-MPC/MIC:\u00a0\n\n * \u200320.4 before 20.4R3-S10,\u00a0\n * \u200321.2 before 21.2R3-S6,\u00a0\n * \u200321.3 before 21.3R3-S5,\u00a0\n * \u200321.4 before 21.4R3-S6,\u00a0\n * \u200322.1 before 22.1R3-S4,\u00a0\n * \u200322.2 before 22.2R3-S2,\u00a0\n * \u200322.3 before 22.3R3-S1,\u00a0\n * \u200322.4 before 22.4R3,\u00a0\n * \u200323.2 before 23.2R2."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this 
vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-11T16:29:46.607Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA83013"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br> <br>Junos OS: 20.4R3-S10, 21.2R3-S6, 21.3R3-S5, 21.4R3-S6, 22.1R3-S4, 22.2R3-S2, 22.3R3-S1, 22.4R3, 23.2R2, 
23.4R1, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 20.4R3-S10, 21.2R3-S6, 21.3R3-S5, 21.4R3-S6, 22.1R3-S4, 22.2R3-S2, 22.3R3-S1, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases."}], "source": {"advisory": "JSA83013", "defect": ["1745890"], "discovery": "INTERNAL"}, "title": "Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os", "cpes": ["cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "20.4", "status": "affected", "lessThan": "20.4r3-s10", "versionType": "semver"}, {"version": "21.2", "status": "affected", "lessThan": "21.2r3-s6", "versionType": "semver"}, {"version": "21.3", "status": "affected", "lessThan": "21.3r3-s5", "versionType": "semver"}, {"version": "21.4", "status": "affected", "lessThan": "21.4r3-s6", "versionType": "semver"}, {"version": "22.1", "status": "affected", "lessThan": "22.1r3-s4", "versionType": "semver"}, {"version": "22.2", "status": "affected", "lessThan": "22.2r3-s2", "versionType": "semver"}, {"version": "22.3", "status": "affected", "lessThan": "22.3r3-s1", "versionType": "semver"}, {"version": "22.4", "status": "affected", "lessThan": "22.4r3", "versionType": "semver"}, {"version": "23.2", "status": "affected", "lessThan": "23.2r2", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T18:33:00.389286Z", "id": "CVE-2024-39551", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA 
Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T16:57:12.317Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.947Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA83013"}]}]}}