Juniper Networks Junos OS and Junos OS Evolved Vulnerable to Denial of Service Attack via BGP Packets
CVE-2024-39516

7.5HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists

Summary

An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved enables network-based attackers to exploit improperly handled BGP packets. When attackers send a specifically crafted BGP packet to affected systems—particularly those configured with BGP traceoptions enabled or with BGP traffic engineering—the rpd component can crash and subsequently restart. This behavior creates a Denial of Service (DoS), where the ongoing reception of such packets leads to a sustained service disruption. The vulnerability has the potential to impact both iBGP and eBGP configurations across a range of address families, primarily affecting non-transitive attributes that remain contained within the local network.

Affected Version(s)

Junos OS 0 < 21.4R3-S8

Junos OS 22.2 < 22.2R3-S5

Junos OS 22.3 < 22.3R3-S4

References

https://supportportal.juniper.net/JSA88100

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Oct 11, 2024
Vulnerability published
Oct 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Juniper SIRT would like to acknowledge and thank Craig Dods from Meta’s Infrastructure Security Engineering team for responsibly reporting this vulnerability.