History: Jul 11, 2024 - 4:02 p.m.

CVE-2024-39528 Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash

2024-07-11 16:02:45
CWE-416
juniper
github.com
Tags: juniper networks, network-based attacker, denial of service, dos, routing protocol daemon, authenticated, segmentation fault

CVSS3: 5.7

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: REQUIRED
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

CVSS4: 6

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:L

AI Score: 6.8 (Confidence: High)

EPSS: 0 (Percentile: 13.7%)

SSVC

  • Exploitation: none
  • Automatable: no
  • Technical Impact: partial

A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).

On all Junos OS and Junos OS Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart.

This issue affects:

Junos OS:

  • All versions before 21.2R3-S8,
  • 21.4 versions before 21.4R3-S5,
  • 22.2 versions before 22.2R3-S3,
  • 22.3 versions before 22.3R3-S2,
  • 22.4 versions before 22.4R3,
  • 23.2 versions before 23.2R2.

Junos OS Evolved:

  • All versions before 21.2R3-S8-EVO,
  • 21.4-EVO versions before 21.4R3-S5-EVO,
  • 22.2-EVO versions before 22.2R3-S3-EVO,
  • 22.3-EVO versions before 22.3R3-S2-EVO,
  • 22.4-EVO versions before 22.4R3-EVO,
  • 23.2-EVO versions before 23.2R2-EVO.

CNA Affected

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "21.2R3-S8",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "21.4",
        "lessThan": "21.4R3-S5",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.2",
        "lessThan": "22.2R3-S3",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.3",
        "lessThan": "22.3R3-S2",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.4",
        "lessThan": "22.4R3",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "23.2",
        "lessThan": "23.2R2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS Evolved",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "21.2R3-S8-EVO",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "21.4-EVO",
        "lessThan": "21.4R3-S5-EVO",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.2-EVO",
        "lessThan": "22.2R3-S3-EVO",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.3-EVO",
        "lessThan": "22.3R3-S2-EVO",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "22.4-EVO",
        "lessThan": "22.4R3-EVO",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "23.2-EVO",
        "lessThan": "23.2R2-EVO",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
