{"Junos OS affected by Stack-based Buffer Overflow vulnerability","Junos OS Evolved affected by Stack-based Buffer Overflow vulnerability","Denial of Service (DoS) condition caused by specific EVPN type-5 route receipt"}
CVE-2024-30394

7.5HIGH

Key Information:

Vendor

Juniper Networks
Status
Junos Os
Junos Os Evolved
Vendor
CVE Published:
12 April 2024

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2024-30394?

A stack-based buffer overflow vulnerability exists within the Routing Protocol Daemon (rpd) of Junos OS and Junos OS Evolved. This vulnerability can be exploited by an unauthenticated network-based attacker through the receipt of a crafted specific EVPN type-5 route via BGP. Successful exploitation causes the rpd process to crash and restart, leading to a Denial of Service (DoS) condition, which can be sustained if the attacker continuously sends the malicious route. The vulnerability impacts multiple versions of Junos OS and Junos OS Evolved, underscoring the importance of timely updates and strict network monitoring to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS 0 < 21.2R3-S7

Junos OS 21.4 < 21.4R3-S5

Junos OS 22.1 < 22.1R3-S4

References

https://supportportal.juniper.net/JSA79094
vendor-advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/A...
technical-description

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.