CVE-2024-21591

CRITICAL
Published Jan 12, 2024 Modified May 5, 2025 CWE-787

Description

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlier than 21.2R3-S7; * Junos OS 21.3 versions earlier than 21.3R3-S5; * Junos OS 21.4 versions earlier than 21.4R3-S5; * Junos OS 22.1 versions earlier than 22.1R3-S4; * Junos OS 22.2 versions earlier than 22.2R3-S3; * Junos OS 22.3 versions earlier than 22.3R3-S2; * Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-787 Out-of-bounds Write

Affected Products

Vendor Product
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos
juniper junos

References

Frequently Asked Questions

What is CVE-2024-21591? +
An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlier than 21.2R3-S7; * Junos OS 21.3 versions earlier than 21.3R3-S5; * Junos OS 21.4 versions earlier than 21.4R3-S5; * Junos OS 22.1 versions earlier than 22.1R3-S4; * Junos OS 22.2 versions earlier than 22.2R3-S3; * Junos OS 22.3 versions earlier than 22.3R3-S2; * Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3. It has a CVSS v3.1 base score of 9.8 (CRITICAL).
How severe is CVE-2024-21591? +
CVE-2024-21591 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.
What products are affected by CVE-2024-21591? +
CVE-2024-21591 affects products from juniper, specifically: junos. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-21591? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-21591 — free, no signup required.

Start Free Scan