CVE-2024-21606

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://supportportal.juniper.net/JSA75747", "name": "https://supportportal.juniper.net/JSA75747", "tags": [], "refsource": ""}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "name": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "\nA Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).\n\nIn a remote access VPN scenario, if a \"tcp-encap-profile\" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R3-S3;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S1;\n * 22.4 versions earlier than 22.4R2-S2, 22.4R3.\n\n\n\n\n\n\n"}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-21606", "ASSIGNER": "sirt@juniper.net"}}, "impact": {}, "publishedDate": "2024-01-12T01:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-01-12T13:47Z"}