Junos OS vulnerable to Denial of Service (DoS) via malformed BGP update
CVE-2024-30395

7.5HIGH

Key Information:

Vendor

Juniper Networks
Status
Junos Os
Junos Os Evolved
Vendor
CVE Published:
12 April 2024

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2024-30395?

An input validation vulnerability exists in the Routing Protocol Daemon (RPD) for Junos OS and Junos OS Evolved. This flaw permits an unauthenticated attacker to exploit a malformed tunnel encapsulation attribute within a BGP update, potentially leading to a Denial of Service (DoS) condition. When such malformed data is received via an established BGP session, it triggers an unexpected crash and restart of the RPD, disrupting network services. This issue affects several versions of Junos OS and Junos OS Evolved, highlighting the need for timely updates and patches to mitigate associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Junos OS 0 < 21.2R3-S7

Junos OS 21.3 < 21.3R3-S5

Junos OS 21.4 < 21.4R3-S5

References

https://supportportal.juniper.net/JSA79095
vendor-advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/A...
technical-description

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this vulnerability.
JSON
.