CVE-2024-21610
MEDIUMDescription
An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled CoS scenario with 1000s of interfaces, when specific low privileged commands, received over NETCONF, SSH or telnet, are handled by cosd on behalf of mgd, the respective child management daemon (mgd) processes will get stuck. In case of (Netconf over) SSH this leads to stuck SSH sessions, so that when the connection-limit for SSH is reached, new sessions can't be established anymore. A similar behavior will be seen for telnet etc. Stuck mgd processes can be monitored by executing the following command: user@host> show system processes extensive | match mgd | match sbwait This issue affects Juniper Networks Junos OS: * All versions earlier than 20.4R3-S9; * 21.2 versions earlier than 21.2R3-S7; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S2; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R1-S2, 23.2R2.
How to fix
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Exploit Intelligence
Low risk: more likely to be exploited than 38% of all known CVEs.
References
Related Vulnerabilities
Other CWE-755 vulnerabilities, ordered by exploit likelihood. View all
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2017-5638 | Critical | 9.8 | 100% | KEV + Ransom | Fix |
| CVE-2020-7247 | Critical | 9.8 | 99% | KEV | Fix |
| CVE-2023-36933 | High | 7.5 | 72% | - | Fix |
| CVE-2018-0934 | High | 7.5 | 66% | - | Fix |
| CVE-2019-14287 | High | 8.8 | 64% | - | Fix |
| CVE-2019-12815 | Critical | 9.8 | 58% | - | Fix |
Embed a live status badge for CVE-2024-21610
Markdown
[](https://tridentstack.com/cve/CVE-2024-21610)HTML
<a href="https://tridentstack.com/cve/CVE-2024-21610"><img src="https://tridentstack.com/cve/badge/CVE-2024-21610.svg" alt="CVE-2024-21610"></a>Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-05-19.