Junos OS vulnerable to Denial of Service (DoS) via malformed BGP update
CVE-2024-30395

7.5HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 12 April 2024

Badges

👾 Exploit Exists

Summary

An input validation vulnerability exists in the Routing Protocol Daemon (RPD) for Junos OS and Junos OS Evolved. This flaw permits an unauthenticated attacker to exploit a malformed tunnel encapsulation attribute within a BGP update, potentially leading to a Denial of Service (DoS) condition. When such malformed data is received via an established BGP session, it triggers an unexpected crash and restart of the RPD, disrupting network services. This issue affects several versions of Junos OS and Junos OS Evolved, highlighting the need for timely updates and patches to mitigate associated risks.

Affected Version(s)

Junos OS 0 < 21.2R3-S7

Junos OS 21.3 < 21.3R3-S5

Junos OS 21.4 < 21.4R3-S5

References

https://supportportal.juniper.net/JSA79095

vendor-advisory

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/A...

technical-description

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
May 16, 2024
Vulnerability published
Apr 12, 2024
Vulnerability Reserved
Mar 26, 2024

Credit

Juniper SIRT would like to acknowledge and thank Matteo Memelli from Amazon for responsibly reporting this vulnerability.