Junos OS Evolved Vulnerability: Improper Check for Unusual or Exceptional Conditions May Cause Denial-of-Service Attack
CVE-2024-39519

6.5 MEDIUM

Key Information:

Vendor
CVE Published: 11 July 2024

What is CVE-2024-39519?

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).

On all ACX 7000 Series platforms running Junos OS Evolved and configured with IRBs, if a Customer Edge (CE) device is dual-homed to two Provider Edge (PE) devices, a traffic loop will occur when the CE sends multicast packets. This issue can be triggered by IPv4 and IPv6 traffic.

This issue affects Junos OS Evolved: 

All versions from 22.2R1-EVO and later versions before 22.4R2-EVO.

This issue does not affect Junos OS Evolved versions before 22.1R1-EVO.

Affected Version(s)

Junos OS Evolved ACX7000 Series 22.1-EVO

Junos OS Evolved ACX7000 Series 22.2-EVO

Junos OS Evolved ACX7000 Series 22.3-EVO

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
