PT-2024-1116 · Juniper Networks · Junos+1

Published 2024-01-10 · Updated 2024-01-18 · CVE-2024-21614

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions prior to 22.2R2-S2, 22.2R3
Juniper Networks Junos OS versions prior to 22.3R2, 22.3R3
Juniper Networks Junos OS Evolved versions prior to 22.2R2-S2-EVO, 22.2R3-EVO
Juniper Networks Junos OS Evolved versions prior to 22.3R2-EVO, 22.3R3-EVO

Description

The issue is an Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service (DoS). When NETCONF and gRPC are enabled, and a specific query is executed via Dynamic Rendering (DREND), rpd will crash and restart. Continuous execution of this specific query will cause a sustained Denial of Service (DoS) condition.

Recommendations

For Juniper Networks Junos OS versions prior to 22.2R2-S2, 22.2R3, update to version 22.2R2-S2 or 22.2R3 or later.
For Juniper Networks Junos OS versions prior to 22.3R2, 22.3R3, update to version 22.3R2 or 22.3R3 or later.
For Juniper Networks Junos OS Evolved versions prior to 22.2R2-S2-EVO, 22.2R3-EVO, update to version 22.2R2-S2-EVO or 22.2R3-EVO or later.
For Juniper Networks Junos OS Evolved versions prior to 22.3R2-EVO, 22.3R3-EVO, update to version 22.3R2-EVO or 22.3R3-EVO or later.

As a temporary workaround, consider disabling the NETCONF and gRPC services until a patch is available. Restrict access to the Dynamic Rendering (DREND) functionality to minimize the risk of exploitation.

Fix

DoS

Improper Check for Exceptional Conditions

Weakness Enumeration

Related Identifiers

BDU:2024-00399
CVE-2024-21614

Affected Products

Junos
Junos Evolved