An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services (DoS). This issue occurs on all MX Series platforms with MS-MPC or MS-MIC card and all SRX Series platforms where SIP ALG is enabled. Successful exploitation of this vulnerability prevents additional SIP calls and applications from succeeding. The SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. To confirm whether SIP ALG is enabled on SRX use the following command: user@host> show security alg status | match sip SIP : Enabled This issue affects Juniper Networks Junos OS on SRX Series and on MX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.1 versions 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2-S2, 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2, 22.1R3-S1. This issue does not affect Juniper Networks Junos OS on SRX Series and on MX Series: All versions prior to 18.2R1.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HJuniper Junos
OSJuniper19.319.420.120.220.320.421.121.221.321.422.1< 19.3Juniper Mx10
HWJuniperwszystkie wersjeJuniper Mx10000
HWJuniperwszystkie wersjeJuniper Mx10003
HWJuniperwszystkie wersjeJuniper Mx10008
HWJuniperwszystkie wersjeJuniper Mx10016
HWJuniperwszystkie wersjeJuniper Mx104
HWJuniperwszystkie wersjeJuniper Mx150
HWJuniperwszystkie wersjeJuniper Mx2008
HWJuniperwszystkie wersjeJuniper Mx2010
HWJuniperwszystkie wersjeJuniper Mx2020
HWJuniperwszystkie wersjeJuniper Mx204
HWJuniperwszystkie wersjeJuniper Mx240
HWJuniperwszystkie wersjeJuniper Mx40
HWJuniperwszystkie wersjeJuniper Mx480
HWJuniperwszystkie wersjeJuniper Mx5
HWJuniperwszystkie wersjeJuniper Mx80
HWJuniperwszystkie wersjeJuniper Mx960
HWJuniperwszystkie wersjeJuniper Srx100
HWJuniperwszystkie wersjeJuniper Srx110
HWJuniperwszystkie wersjeJuniper Srx1400
HWJuniperwszystkie wersjeJuniper Srx1500
HWJuniperwszystkie wersjeJuniper Srx210
HWJuniperwszystkie wersjeJuniper Srx220
HWJuniperwszystkie wersjeJuniper Srx240
HWJuniperwszystkie wersjeJuniper Srx240h2
HWJuniperwszystkie wersjeJuniper Srx240m
HWJuniperwszystkie wersjeJuniper Srx300
HWJuniperwszystkie wersjeJuniper Srx320
HWJuniperwszystkie wersjeJuniper Srx340
HWJuniperwszystkie wersje
Powiązane podatności
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SR...
Out-of-bounds Write w J-Web Juniper Junos OS — RCE z uprawnieniami root
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials ...
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unaut...
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...