How severe is CVE-2024-21603?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-21603?

This is classified as CWE-754, which is a common weakness in software security.

CVE-2024-21603 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage (SCU) / destination class usage (DCU) (more than 10 route classes) is present and the SCU/DCU statistics are gathered by executing specific SNMP requests or CLI commands, a 'vmcore' for the RE kernel will be seen which leads to a device restart. Continued exploitation of this issue will lead to a sustained DoS. This issue only affects MX Series devices with MPC10, MPC11 or LC9600, and MX304. No other MX Series devices are affected. This issue affects Juniper Networks Junos OS: * All versions earlier than 20.4R3-S9; * 21.2 versions earlier than 21.2R3-S6; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3; * 22.1 versions earlier than 22.1R3; * 22.2 versions earlier than 22.2R2; * 22.3 versions earlier than 22.3R2.

Related Vulnerabilities

CVE-2017-13142

MEDIUM

CVSS:6.5(Medium)

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.

CWE-7542017

CVE-2017-17044

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors.

CWE-7542017

CVE-2019-11779

MEDIUM

CVSS:6.5(Medium)

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierar...

CWE-7542019

CVE-2019-1849

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attac...

CWE-7542019

CVE-2019-6833

MEDIUM

CVSS:6.5(Medium)

A CWE-754 – Improper Check for Unusual or Exceptional Conditions vulnerability exists in Magelis HMI Panels (all versions of - HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, XBTGT, HMI...

CWE-7542019

CVE-2019-9633

MEDIUM

CVSS:6.5(Medium)

gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial ...

CWE-7542019