CVE-2024-21598

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 12, 2024
Updated: May 16, 2024
CWE ID 1286

Summary

CVE-2024-21598 is a Denial of Service vulnerability affecting the Routing Protocol Daemon (rpd) in Juniper Networks Junos OS and Junos OS Evolved. An attacker can cause a crash and restart of the rpd by sending a malformed BGP update containing a tunnel encapsulation attribute. Affected versions include 20.4R1 and later versions prior to 20.4R3-S9, 21.2 versions prior to 21.2R3-S7, 21.3 versions prior to 21.3R3-S5, 21.4 versions prior to 21.4R3-S5, 22.1 versions prior to 22.1R3-S4, 22.2 versions prior to 22.2R3-S3, 22.3 versions prior to 22.3R3-S1, 22.4 versions prior to 22.4R3, 23.2 versions prior to 23.2R1-S2 and 23.2R2, as well as certain versions of Junos OS Evolved. This issue does not impact Junos OS versions earlier than 20.4R1 or Junos OS Evolved versions earlier than 20.4R1-EVO. It is a different vulnerability than JSA79095.
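
To triage a device inventory against the version ranges in this summary, the following added example (not from Juniper or from this page) classifies Junos OS version strings. It assumes versions look like `<train>R<release>[-S<service>][.<build>][-EVO]` and that releases within a train order by (R, S); the hostnames are constructed.

```python
import re

# First fixed release per Junos OS train as (R, S), copied from the summary.
# 23.2 also lists 23.2R2; it sorts after 23.2R1-S2, so the earlier one is the bound.
FIRST_FIXED = {
    "20.4": (3, 9), "21.2": (3, 7), "21.3": (3, 5), "21.4": (3, 5),
    "22.1": (3, 4), "22.2": (3, 3), "22.3": (3, 1), "22.4": (3, 0),
    "23.2": (1, 2),
}
FIRST_AFFECTED_TRAIN = (20, 4)  # nothing earlier than 20.4R1 / 20.4R1-EVO is impacted

# Assumed version shape: <train>R<release>[-S<service>][.<build>][-EVO]
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?(-EVO)?$", re.I)


def is_affected(version):
    """Return True/False where the summary decides it, None where it does not say."""
    m = _VERSION.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    major, minor, release = int(m.group(1)), int(m.group(2)), int(m.group(3))
    service = int(m.group(4) or 0)
    if (major, minor) < FIRST_AFFECTED_TRAIN:
        return False  # explicitly out of scope for both Junos OS and Evolved
    if m.group(5):
        return None  # summary only says "certain versions" of Junos OS Evolved
    fixed = FIRST_FIXED.get(f"{major}.{minor}")
    if fixed is None:
        return None  # train not listed in the summary (e.g. 21.1)
    return (release, service) < fixed


def triage(inventory):
    """Map each host to the is_affected() verdict for its version."""
    return {host: is_affected(version) for host, version in inventory.items()}


# Constructed inventory for illustration only.
INVENTORY = {
    "edge-01": "20.4R3-S8.2",
    "edge-02": "23.2R1-S2",
    "core-01": "22.4R2-S2",
    "lab-01": "19.4R3-S10",
    "ptx-01": "22.4R3-EVO",
}

if __name__ == "__main__":
    for host, verdict in triage(INVENTORY).items():
        print(host, {True: "affected", False: "not affected", None: "check advisory"}[verdict])
```

A `None` verdict means the summary alone cannot decide and the vendor advisory has to be consulted for that release.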
