{"Juniper Networks warns of Denial of Service (DoS) vulnerability in Junos OS and Junos OS Evolved","Improper Handling of Exceptional Conditions in Junos OS and Junos OS Evolved could lead to DoS attacks"}
CVE-2024-39525

7.5HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 9 October 2024

Badges

👾 Exploit Exists

Summary

An improper handling of exceptional conditions vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved. This flaw allows an unauthenticated network-based attacker to send a specific Border Gateway Protocol (BGP) packet, causing the rpd to crash and subsequently restart. As a result, this can lead to a Denial of Service (DoS) condition, which is further exacerbated by the continued reception of the malicious packets, sustaining the DoS state. The vulnerability specifically affects systems with BGP traceoptions enabled and requires an established BGP session. Both internal BGP (iBGP) and external BGP (eBGP) are vulnerable across IPv4 and IPv6 protocols. Systems lacking BGP traceoptions enabled are not impacted.

Affected Version(s)

Junos OS 0 < 21.2R3-S8

Junos OS 21.4 < 21.4R3-S8

Junos OS 22.2 < 22.2R3-S4

References

https://supportportal.juniper.net/JSA88102

vendor-advisory

https://www.juniper.net/documentation/us/en/software/juno...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Oct 11, 2024
Vulnerability published
Oct 9, 2024

Collectors

NVD DatabaseMitre Database

Credit

Juniper SIRT would like to acknowledge and thank Craig Dods from Meta’s Infrastructure Security Engineering team for responsibly reporting this vulnerability.