Improper Check for Unusual or Exceptional Conditions Leads to Denial-of-Service Vulnerability in Junos OS Evolved
CVE-2024-39535
6.5MEDIUM
Key Information
- Vendor
- Juniper Networks
- Status
- Junos Os Evolved
- Vendor
- CVE Published:
- 11 July 2024
Badges
👾 Exploit Exists
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When a device has a Layer 3 or an IRB interface configured in a VPLS instance and specific traffic is received, the evo-pfemand processes crashes which causes a service outage for the respective FPC until the system is recovered manually. This issue only affects Junos OS Evolved 22.4R2-S1 and 22.4R2-S2 releases and is fixed in 22.4R3. No other releases are affected.
Affected Version(s)
Junos OS Evolved < 22.4R3-EVO
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
- 👾
Exploit exists.
Collectors
NVD DatabaseMitre Database