cve-2025-30660
Vulnerability from cvelistv5
Published
2025-04-09 20:05
Modified
2025-04-09 20:29
Severity ?
EPSS score ?
Summary
Junos OS: MX Series: Decapsulation of specific GRE packets leads to PFE reset
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Juniper Networks | Junos OS |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T20:29:51.260047Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:29:59.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S8",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S5",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S2",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2",
"status": "affected",
"version": "23.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\u003cp\u003eWhen processing a high rate of specific GRE traffic destined to the device, the respective P\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eFE will hang causing traffic forwarding to stop. \u003c/span\u003e\n\n\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen this issue occurs the following logs can be observed:\u003c/span\u003e\u003c/p\u003e \u003ctt\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026lt;fpc #\u0026gt; MQSS(0): LI-3: Received a parcel with more than 512B\u0026nbsp;accompanying data \u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003ctt\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCHASSISD_FPC_ASIC_ERROR: ASIC Error detected \u0026lt;...\u0026gt;\u003c/span\u003e\u003c/tt\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS:\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 21.2R3-S9,\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S8,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S4,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S5,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S2,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. \n\n\n\nWhen this issue occurs the following logs can be observed:\n\n \u003cfpc #\u003e MQSS(0): LI-3: Received a parcel with more than 512B\u00a0accompanying data \nCHASSISD_FPC_ASIC_ERROR: ASIC Error detected \u003c...\u003e\n\n\nThis issue affects Junos OS:\n\n * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S8,\n * 22.2 versions before 22.2R3-S4,\n * 22.4 versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S2,\n * 23.4 versions before 23.4R2."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T20:05:25.345Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA96471"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S8, 22.2R3-S4, 22.4R3-S5, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S8, 22.2R3-S4, 22.4R3-S5, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA96471",
"defect": [
"1784246"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: MX Series: Decapsulation of specific GRE packets leads to PFE reset",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-30660",
"datePublished": "2025-04-09T20:05:25.345Z",
"dateReserved": "2025-03-24T19:34:11.323Z",
"dateUpdated": "2025-04-09T20:29:59.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-30660\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2025-04-09T20:15:30.307\",\"lastModified\":\"2025-04-11T15:40:10.277\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. \\n\\n\\n\\nWhen this issue occurs the following logs can be observed:\\n\\n \u003cfpc #\u003e MQSS(0): LI-3: Received a parcel with more than 512B\u00a0accompanying data \\nCHASSISD_FPC_ASIC_ERROR: ASIC Error detected \u003c...\u003e\\n\\n\\nThis issue affects Junos OS:\\n\\n * all versions before 21.2R3-S9,\\n * 21.4 versions before 21.4R3-S8,\\n * 22.2 versions before 22.2R3-S4,\\n * 22.4 versions before 22.4R3-S5,\\n * 23.2 versions before 23.2R2-S2,\\n * 23.4 versions before 23.4R2.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de verificaci\u00f3n incorrecta de condiciones inusuales o excepcionales en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS en la serie MX permite que un atacante no autenticado basado en la red cause una denegaci\u00f3n de servicio (DoS). Al procesar una alta tasa de tr\u00e1fico GRE espec\u00edfico destinado al dispositivo, el PFE respectivo se bloquear\u00e1, lo que provocar\u00e1 que se detenga el reenv\u00edo de tr\u00e1fico. Cuando se produce este problema, se pueden observar los siguientes registros: MQSS(0): LI-3: Se recibi\u00f3 un paquete con m\u00e1s de 512 B de datos adjuntos CHASSISD_FPC_ASIC_ERROR: Error de ASIC detectado \u0026lt;...\u0026gt; Este problema afecta a Junos OS: * todas las versiones anteriores a 21.2R3-S9, * versiones 21.4 anteriores a 21.4R3-S8, * versiones 22.2 anteriores a 22.2R3-S4, * versiones 22.4 anteriores a 22.4R3-S5, * versiones 23.2 anteriores a 23.2R2-S2, * versiones 23.4 anteriores a 23.4R2.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"references\":[{\"url\":\"https://supportportal.juniper.net/JSA96471\",\"source\":\"sirt@juniper.net\"}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.