漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed
Vulnerability Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QFX5k platforms configured as service-provider edge devices, if L2PT is enabled on the UNI and VSTP is enabled on NNI in VXLAN scenarios, receiving VSTP BPDUs on UNI leads to packet buffer allocation failures, resulting in the device to not pass traffic anymore until it is manually recovered with a restart.This issue affects Junos OS: * 24.4 releases before 24.4R2, * 25.2 releases before 25.2R1-S1, 25.2R2. This issue does not affect Junos OS releases before 24.4R1.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
对因果或异常条件的不恰当检查
Vulnerability Title
Juniper Networks Junos OS EX/QFX 代码问题漏洞
Vulnerability Description
Juniper Networks Junos OS EX/QFX是美国瞻博网络(Juniper Networks)公司的一款交换机。该产品为接入交换机的任意两个网络节点提供独享的电信号通路。 Juniper Networks Junos OS EX/QFX 24.4R2之前版本和25.2R1-S1及25.2R2之前版本存在代码问题漏洞,该漏洞源于对异常或特殊情况检查不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A