7.1
CVE-2025-21600
- EPSS 0.07%
- Veröffentlicht 09.01.2025 17:15:18
- Zuletzt bearbeitet 27.01.2025 22:15:14
- Quelle sirt@juniper.net
- Teams Watchlist Login
- Unerledigt Login
An Out-of-Bounds Read vulnerability in
the routing protocol daemon (rpd) of
Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.
This issue only affects systems configured in
either of two ways:
* systems with BGP traceoptions enabled
* systems with BGP family traffic-engineering (BGP-LS)
configured
and can be exploited from a directly connected and configured BGP peer.
This issue affects iBGP and eBGP
with
any address family
configured, and both IPv4 and IPv6 are affected by this vulnerability.
This issue affects:
Junos OS:
*
from 21.4 before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.3 before 22.3R3-S4,
* from 22.4 before 22.4R3-S5,
* from 23.2 before 23.2R2-S3,
* from 23.4 before 23.4R2-S3,
* from 24.2 before 24.2R1-S2, 24.2R2;
Junos OS Evolved:
* from 21.4-EVO before 21.4R3-S9-EVO,
* from 22.2-EVO before 22.2R3-S5-EVO,
* from 22.3-EVO before 22.3R3-S4-EVO,
* from 22.4-EVO before 22.4R3-S5-EVO,
* from 23.2-EVO before 23.2R2-S3-EVO,
* from 23.4-EVO before 23.4R2-S2-EVO,
* from 24.2-EVO before 24.2R1-S2-EVO, 24.2R2-EVO.
This issue does not affect versions of Junos OS prior to 21.3R1.
This issue does not affect versions of Junos OS Evolved prior to 21.3R1-EVO.
This is a similar, but different vulnerability than the issue reported as CVE-2024-39516.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerJuniper Networks
≫
Produkt
Junos OS
Default Statusunaffected
Version <
21.4R3-S9
Version
21.4
Status
affected
Version <
22.2R3-S5
Version
22.2
Status
affected
Version <
22.3R3-S4
Version
22.3
Status
affected
Version <
22.4R3-S5
Version
22.4
Status
affected
Version <
23.2R2-S3
Version
23.2
Status
affected
Version <
23.4R2-S3
Version
23.4
Status
affected
Version <
24.2R1-S2, 24.2R2
Version
24.2
Status
affected
Version <
21.3R1
Version
0
Status
unaffected
HerstellerJuniper Networks
≫
Produkt
Junos OS Evolved
Default Statusunaffected
Version <
21.4R3-S9-EVO
Version
21.4-EVO
Status
affected
Version <
22.2R3-S5-EVO
Version
22.2-EVO
Status
affected
Version <
22.3R3-S4-EVO
Version
22.3-EVO
Status
affected
Version <
22.4R3-S5-EVO
Version
22.4-EVO
Status
affected
Version <
23.2R2-S3-EVO
Version
23.2-EVO
Status
affected
Version <
23.4R2-S2-EVO
Version
23.4-EVO
Status
affected
Version <
24.2R1-S2-EVO, 24.2R2-EVO
Version
24.2-EVO
Status
affected
Version <
21.3R1-EVO
Version
0
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.216 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| sirt@juniper.net | 7.1 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Green
|
| sirt@juniper.net | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.