CVE-2024-30382 Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured

🗓️ 12 Apr 2024 15:22:03Reported by juniperType

Vulnerability in Junos OS and Junos OS Evolved causes RPD crash with CoS-based forwarding policy

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the Daemon Routing Protocols (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause service interruptions.	7 May 202400:00	–	bdu_fstec
CNNVD	Juniper Networks Junos OS 安全漏洞	12 Apr 202400:00	–	cnnvd
CVE	CVE-2024-30382	12 Apr 202415:22	–	cve
EUVD	EUVD-2024-28303	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA79174)	11 Apr 202400:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper JunOS	12 Apr 202400:00	–	ncsc
NVD	CVE-2024-30382	12 Apr 202416:15	–	nvd
OSV	CVE-2024-30382	12 Apr 202416:15	–	osv
Positive Technologies	PT-2024-3307 · Juniper Networks · Junos Evolved +1	26 Mar 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-30382 Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured	12 Apr 202415:22	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S10",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S8",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R2",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.2R3-S8-EVO",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-EVO",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-EVO",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R2-EVO",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA79174
first	www.first.org/cvss/calculator/4.0

16 May 2024 18:01Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5

CVSS 48.7

EPSS0.0071

CWE-755