Buffer Overflow Vulnerability in Flow Processing Daemon (flowd) Could Lead to Denial of Service (DoS)
CVE-2024-30392

7.5 HIGH

Key Information:

Status
Vendor
CVE Published: 12 April 2024

Badges

👾 Exploit Exists

Summary

A stack-based buffer overflow vulnerability exists in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS. It can be exploited remotely by an unauthenticated attacker. When URL filtering is enabled on affected MX Series platforms, processing a specific URL request can crash flowd and force it to restart, resulting in a Denial of Service (DoS) condition. Continued exploitation can lead to persistent interruptions in service. Users should upgrade to the recommended versions of Junos OS to mitigate the risk.

Affected Version(s)

Junos OS MX Series with SPC3 and MS-MPC: all versions before 21.2R3-S6

Junos OS MX Series with SPC3 and MS-MPC: 21.3 versions before 21.3R3-S5

Junos OS MX Series with SPC3 and MS-MPC: 21.4 versions before 21.4R3-S5

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database