Buffer Overflow Vulnerability in Flow Processing Daemon (flowd) Could Lead to Denial of Service (DoS)
CVE-2024-30392

7.5HIGH

Key Information:

Vendor

Juniper Networks
Status
Junos Os
Vendor
CVE Published:
12 April 2024

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2024-30392?

A Stack-based Buffer Overflow vulnerability exists in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated attacker to exploit the system remotely. When URL filtering is enabled on affected MX Series platforms, the processing of a specific URL request can lead to the crash and subsequent restart of flowd, resulting in a Denial of Service (DoS) condition. Continuous exploitation of this vulnerability can lead to persistent interruptions in service. It is critical for users to upgrade to the recommended versions of Junos OS to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS MX Series with SPC3 and MS-MPC 0 < 21.2R3-S6

Junos OS MX Series with SPC3 and MS-MPC 21.3 < 21.3R3-S5

Junos OS MX Series with SPC3 and MS-MPC 21.4 < 21.4R3-S5

References

https://supportportal.juniper.net/JSA79092
vendor-advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/A...
technical-description

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.