Improper Restriction of Excessive Authentication Attempts Vulnerability Affects Juniper Networks Junos OS Evolved
CVE-2024-30390

5.3MEDIUM

Key Information:

Vendor

Juniper Networks
Status
Junos Os Evolved
Vendor
CVE Published:
12 April 2024

Badges

đź‘ľ Exploit Exists

What is CVE-2024-30390?

An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane.

When an incoming connection was blocked because it exceeded the connections-per-second rate-limit, the system doesn't consider existing connections anymore for subsequent connection attempts so that the connection limit can be exceeded. This issue affects Junos OS Evolved:

  • All versions before 21.4R3-S4-EVO,
  • 22.1-EVO versions before 22.1R3-S3-EVO,
  • 22.2-EVO versions before 22.2R3-S2-EVO, 
  • 22.3-EVO versions before 22.3R2-S1-EVO, 22.3R3-EVO.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS Evolved 0 < 21.4R3-S4-EVO

Junos OS Evolved 22.1-EVO < 22.1R3-S3-EVO

Junos OS Evolved 22.2-EVO < 22.2R3-S2-EVO

References

http://supportportal.juniper.net/JSA79183
vendor-advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/A...
technical-description

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź‘ľ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.