An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1600, SRX2300 and SRX4300: * 24.4 versions before 24.4R1-S3, 24.4R2.
This issue does not affect Junos OS versions before 24.4R1.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products 7
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
|
— | — |
|
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
|
— | — |
|
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
|
— | — |
|
Juniper Junos
cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
|
— | — |
|
Juniper Srx1600
cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*
|
— | — |
|
Juniper Srx2300
cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*
|
— | — |
|
Juniper Srx4300
cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*
|
— | — |