Juniper Networks Firewall Security Updates (AL04/240702/CSIRT-ITA)

Synthesis

Juniper Networks releases security updates to address a “high” severity vulnerability in Junos OS. This vulnerability, if exploited, could result in the compromise of the availability of the service on the affected firewalls.

Risk

Estimated impact of vulnerability on the reference community: MEDIUM/YELLOW (63.46/100)¹.

Type

• Denial of Service

Affected products and versions

Juniper Networks Junos OS for SRX Series Firewalls:

• 21.4.x, versions prior to 21.4R3-S7.9
• 22.1.x, versions prior to 22.1R3-S5.3
• 22.2.x, versions prior to 22.2R3-S4.11
• 22.3.x, versions prior to 22.3R3
• 22.4.x, versions prior to 22.4R3

Mitigation actions

In line with the vendor’s declarations, it is recommended to update the individual products following the instructions in the security bulletin, available at the link in the References section.

Unique vulnerability identifiers

CVE-2024-21586

References

https://supportportal.juniper.net/s/article/2024-07-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-Specific-valid-traffic-leads-to-a-PFE- crash-CVE-2024-21586

¹This estimate is carried out taking into account various parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.