Juniper Networks Junos OS Vulnerability Leads to Denial of Service
CVE-2024-39529

7.5 HIGH

Key Information:

CVE Published: 11 July 2024

Summary

A use of externally-controlled format string vulnerability exists in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on the SRX Series. It can be exploited by an unauthenticated, network-based attacker. When certain configurations, such as DNS Domain Generation Algorithm (DGA) detection, tunnel detection, and DNS-filtering traceoptions, are enabled, specific valid transit DNS traffic can trigger the vulnerability. The PFE then crashes and restarts, resulting in a Denial-of-Service condition. Affected versions include all versions before 21.4R3-S6, as well as specific prior versions of 22.2, 22.3, 22.4, and 23.2.

Affected Version(s)

Junos OS SRX Series 0 < 21.4R3-S6

Junos OS SRX Series 22.2 < 22.2R3-S3

Junos OS SRX Series 22.3 < 22.3R3-S3

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
