CVE-2025-52981
8.7
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:XShow more
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:XShow less
Source: sirt@juniper.net (Secondary)
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on
SRX1600, SRX2300, SRX 4000 Series, and SRX5000 Series with SPC3
allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If a sequence of specific PIM packets is received, this will cause a flowd crash and restart.
This issue affects Junos OS:
* all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S11,
* 22.2 versions before 22.2R3-S7,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S4,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R2.
This is a similar, but different vulnerability than the issue reported as
CVE-2024-47503, published in JSA88133.
Affected (82)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 21.2 |
| Running on/with | Platform Versions |
|---|---|
Juniper Srx1600 | All versions |
Juniper Srx2300 | All versions |
Juniper Srx4100 | All versions |
Juniper Srx4120 | All versions |
Juniper Srx4200 | All versions |
Juniper Srx4300 | All versions |
Juniper Srx4600 | All versions |
Juniper Srx4700 | All versions |
Juniper Srx5400 | All versions |
Juniper Srx5600 | All versions |
Juniper Srx5800 | All versions |
Juniper Srx5k Spc3 | All versions |
References (1)
Timeline
No history available yet.