An Improper Handling of Values vulnerability in Junos OS Evolved allows a Denial-of-Service (DoS).
CVE-2024-39531

7.5 HIGH

Key Information:

Vendor
CVE Published: 11 July 2024

Summary

An Improper Handling of Values vulnerability exists in the Packet Forwarding Engine (PFE) of Junos OS Evolved on the Juniper ACX 7000 Series. This flaw enables a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). When a value is set for the DDoS bandwidth or burst parameters of a specific protocol in a shared queue, all protocols using that queue inherit the modified bandwidth or burst settings. This can unintentionally expose the control plane to high traffic volumes or impose restrictive limits on certain protocols, increasing the risk of a successful volumetric DoS attack.

Affected Version(s)

Junos OS Evolved ACX 7000 Series: all versions before 21.4R3-S7-EVO

Junos OS Evolved ACX 7000 Series: 22.1 versions before 22.1R3-S6-EVO

Junos OS Evolved ACX 7000 Series: 22.2 versions before 22.2R3-S3-EVO

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
