CVE-2026-21905
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: Juniper Networks, Inc.
Description
A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application layer gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow management process, leading to a Denial of Service (DoS).
On SRX Series, and MX Series with MX-SPC3 or MS-MPC service cards, receipt of multiple SIP messages causes the SIP headers to be parsed incorrectly, eventually causing a continuous loop and leading to a watchdog timer expiration, crashing the flowd process on SRX Series and MX Series with MX-SPC3, or mspmand process on MX Series with MS-MPC.
This issue only occurs over TCP. SIP messages sent over UDP cannot trigger this issue.
This issue affects Junos OS on SRX Series and MX Series with MX-SPC3 and MS-MPC:
* all versions before 21.2R3-S10,
* from 21.4 before 21.4R3-S12,
* from 22.4 before 22.4R3-S8,
* from 23.2 before 23.2R2-S5,
* from 23.4 before 23.4R2-S6,
* from 24.2 before 24.2R2-S3,
* from 24.4 before 24.4R2-S1,
* from 25.2 before 25.2R1-S1, 25.2R2.
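The affected-version list above, turned into a release check for a device inventory. This is an added example, not part of the original advisory or any Juniper tooling; the function names and the sample inventory are hypothetical. It assumes standard release strings of the form NN.NRn-Sn, reads 25.2R2 as a fixed release, and reports release trains the list does not name as "unlisted" rather than guessing.

```python
import re

# Fixed (release, service) level per train, copied from the list above.
FIXED = {
    (21, 2): (3, 10),
    (21, 4): (3, 12),
    (22, 4): (3, 8),
    (23, 2): (2, 5),
    (23, 4): (2, 6),
    (24, 2): (2, 3),
    (24, 4): (2, 1),
    (25, 2): (1, 1),  # 25.2R2 sorts above 25.2R1-S1, so it is fixed too
}
OLDEST_TRAIN = (21, 2)  # "all versions before 21.2R3-S10"

# Matches release strings such as 22.4R3-S8 or 23.4R2-S6.5 (build ignored).
RELEASE_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$", re.I)

def parse_release(text):
    """Return ((major, minor), (release, service)) or None if unparseable."""
    m = RELEASE_RE.match(text.strip())
    if not m:
        return None
    major, minor, rel, svc = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (rel, svc)

def classify(text):
    """Return 'affected', 'fixed', 'unlisted' or 'unparsed' for a release."""
    parsed = parse_release(text)
    if parsed is None:
        return "unparsed"
    train, level = parsed
    if train < OLDEST_TRAIN:
        return "affected"
    if train not in FIXED:
        return "unlisted"  # train not named on the page: check with the vendor
    return "affected" if level < FIXED[train] else "fixed"

if __name__ == "__main__":
    # Constructed inventory; hostnames and releases are sample values.
    inventory = {"srx-edge-1": "21.4R3-S9.5", "srx-edge-2": "23.4R2-S6",
                 "mx-core-1": "20.4R3-S2", "mx-core-2": "22.2R3-S1",
                 "srx-lab": "25.2R2"}
    for host, release in inventory.items():
        print(f"{host:12} {release:14} {classify(release)}")
```

The check covers the release string only; whether a device is an SRX Series, or an MX Series with MX-SPC3 or MS-MPC, still has to be confirmed separately.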
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | to 21.2r3-s10 (exc) |
| juniper | junos | to 21.4r3-s12 (exc) |
| juniper | junos | to 22.4r3-s8 (exc) |
| juniper | junos | to 23.2r2-s5 (exc) |
| juniper | junos | to 23.4r2-s6 (exc) |
| juniper | junos | to 24.2r2-s3 (exc) |
| juniper | junos | to 24.4r2-s1 (exc) |
| juniper | junos | to 25.2r1-s1 (exc) |
| juniper | junos | 25.2r2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-835 | The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. |