An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an affected device receives a specifically malformed first ISAKMP packet from the initiator, the kmd/iked process will crash and restart, which momentarily prevents new security associations (SAs) for from being established. Repeated exploitation of this vulnerability causes a complete inability to establish new VPN connections. This issue affects Junos OS on SRX Series and MX Series: * all versions before 22.4R3-S9, * 23.2 version before 23.2R2-S6, * 23.4 version before 23.4R2-S7, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S3, * 25.2 versions before 25.2R1-S2, 25.2R2.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:XJuniper Junos
OSJuniper22.423.223.424.224.425.2< 22.4Juniper Mx10004
HWJuniperwszystkie wersjeJuniper Mx10008
HWJuniperwszystkie wersjeJuniper Mx2008
HWJuniperwszystkie wersjeJuniper Mx2010
HWJuniperwszystkie wersjeJuniper Mx2020
HWJuniperwszystkie wersjeJuniper Mx204
HWJuniperwszystkie wersjeJuniper Mx240
HWJuniperwszystkie wersjeJuniper Mx301
HWJuniperwszystkie wersjeJuniper Mx304
HWJuniperwszystkie wersjeJuniper Mx480
HWJuniperwszystkie wersjeJuniper Mx960
HWJuniperwszystkie wersjeJuniper Srx1500
HWJuniperwszystkie wersjeJuniper Srx1600
HWJuniperwszystkie wersjeJuniper Srx2300
HWJuniperwszystkie wersjeJuniper Srx300
HWJuniperwszystkie wersjeJuniper Srx320
HWJuniperwszystkie wersjeJuniper Srx340
HWJuniperwszystkie wersjeJuniper Srx345
HWJuniperwszystkie wersjeJuniper Srx380
HWJuniperwszystkie wersjeJuniper Srx4100
HWJuniperwszystkie wersjeJuniper Srx4120
HWJuniperwszystkie wersjeJuniper Srx4200
HWJuniperwszystkie wersjeJuniper Srx4300
HWJuniperwszystkie wersjeJuniper Srx4600
HWJuniperwszystkie wersjeJuniper Srx4700
HWJuniperwszystkie wersjeJuniper Srx5400
HWJuniperwszystkie wersjeJuniper Srx5600
HWJuniperwszystkie wersjeJuniper Srx5800
HWJuniperwszystkie wersje
Related vulnerabilities
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SR...
Out-of-bounds Write w J-Web Juniper Junos OS — RCE z uprawnieniami root
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials ...
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unaut...
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...