fkie_cve-2024-39528
Vulnerability from fkie_nvd
Published
2024-07-11 16:15
Modified
2024-11-21 09:27
Severity ?
Summary
A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart.
This issue affects:
Junos OS:
* All versions before 21.2R3-S8,
* 21.4 versions before 21.4R3-S5,
* 22.2 versions before 22.2R3-S3,
* 22.3 versions before 22.3R3-S2,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R2.
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* 21.4-EVO versions before 21.4R3-S5-EVO,
* 22.2-EVO versions before 22.2R3-S3-EVO,
* 22.3-EVO versions before 22.3R3-S2-EVO,
* 22.4-EVO versions before 22.4R3-EVO,
* 23.2-EVO versions before 23.2R2-EVO.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA82987 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA82987 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "331C0F12-D9B9-483B-9EF0-28E48ED8346D", versionEndExcluding: "21.2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "53938295-8999-4316-9DED-88E24D037852", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*", matchCriteriaId: "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*", matchCriteriaId: "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3B457616-2D91-4913-9A7D-038BBF8F1F66", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", matchCriteriaId: "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "EBB967BF-3495-476D-839A-9DBFCBE69F91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", matchCriteriaId: "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "4B3B2FE1-C228-46BE-AC76-70C2687050AE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F1B16FF0-900F-4AEE-B670-A537139F6909", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "B227E831-30FF-4BE1-B8B2-31829A5610A6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", matchCriteriaId: "9C14B5A6-597A-4181-8C42-392A2E4605BF", versionEndExcluding: "21.2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*", matchCriteriaId: "620B0CDD-5566-472E-B96A-31D2C12E3120", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "7E1E57AF-979B-4022-8AD6-B3558E06B718", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "7BA246F0-154E-4F44-A97B-690D22FA73DD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2B70C784-534B-4FAA-A5ED-3709656E2B97", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "60448FFB-568E-4280-9261-ADD65244F31A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "2B770C52-7E3E-4B92-9138-85DEC56F3B22", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "E88AC378-461C-4EFA-A04B-5786FF21FE03", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "3B0AFB30-81DC-465C-9F63-D1B15EA4809A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "2035F0AC-29E7-478A-A9D0-BAA3A88B3413", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "C34ABD4B-B045-4046-9641-66E3B2082A25", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*", matchCriteriaId: "6D5DC04F-18DE-403B-BE93-2251F3332C1C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*", matchCriteriaId: "909FC378-EBFE-4BA9-8393-0C8301438020", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", matchCriteriaId: "2E907193-075E-45BC-9257-9607DB790D71", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CEDF46A8-FC3A-4779-B695-2CA11D045AEB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "39809219-9F87-4583-9DAD-9415DD320B36", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "DB299492-A919-4EBA-A62A-B3CF02FC0A95", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "74ED0939-D5F8-4334-9838-40F29DE3597F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "C6937069-8C19-4B01-8415-ED7E9EAE2CE2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "21DF05B8-EF7E-422F-8831-06904160714C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "492FCE45-68A1-4378-85D4-C4034FE0D836", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "522114CC-1505-4205-B4B8-797DE1BD833B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", matchCriteriaId: "A3CA3365-F9AF-40DF-8700-30AD4BC58E27", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "D77A072D-350A-42F2-8324-7D3AC1711BF9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "83AE395C-A651-4568-88E3-3600544BF799", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "C7FEFD0A-A969-4F53-8668-1231FD675D6F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "81CC3480-4B65-4588-8D46-FA80A8F6D143", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "C63DBEE5-B0C2-498F-A672-B6596C89B0A2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "9370C46D-3AA1-4562-B67F-DF6EA10F209B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", matchCriteriaId: "0A33C425-921F-4795-B834-608C8F1597E0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "93887799-F62C-4A4A-BCF5-004D0B4D4154", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "62C473D2-2612-4480-82D8-8A24D0687BBD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "7FB4C5CA-A709-4B13-A9E0-372098A72AD3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "04CE952D-E3C1-4B34-9E65-EC52BFE887AB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "A8643AA3-29EF-48A7-B033-CB60988E214B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", matchCriteriaId: "6DEAA7FD-385F-4221-907E-65ABC16BE4BE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "558D234D-BC50-415F-86D6-8E19D6C3ACE0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "33F4EEEE-77E9-4973-A770-99E7BA2F05F5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart.\n\n\n\n\nThis issue affects:\n\n Junos OS:\n\n\n\n * All versions before 21.2R3-S8, \n * 21.4 versions before 21.4R3-S5,\n * 22.2 versions before 22.2R3-S3,\n * 22.3 versions before 22.3R3-S2,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R2.\n\n\n\n\n Junos OS Evolved:\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4-EVO versions before 21.4R3-S5-EVO,\n * 22.2-EVO versions before 22.2R3-S3-EVO, \n * 22.3-EVO versions before 22.3R3-S2-EVO,\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO.", }, { lang: "es", value: "Una vulnerabilidad de Use After Free en Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante autenticado basado en red provoque una denegación de servicio (DoS). En todas las plataformas Junos OS y Junos Evolved, si Se activa una desactivación de la instancia de enrutamiento y, al mismo tiempo que se recibe una solicitud SNMP específica, se produce un fallo de segmentación que hace que rpd falle y se reinicie. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.2R3-S8, * Versiones 21.4 anteriores a 21.4R3-S5, * Versiones 22.2 anteriores a 22.2R3-S3, * Versiones 22.3 anteriores a 22.3R3-S2, * Versiones 22.4 anteriores a 22.4R3, * Versiones 23.2 anteriores a 23.2R2. Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * Versiones 21.4-EVO anteriores a 21.4R3-S5-EVO, * Versiones 22.2-EVO anteriores a 22.2R3-S3-EVO, * Versiones 22.3-EVO anteriores a 22.3R3- S2-EVO, *versiones 22.4-EVO anteriores a 22.4R3-EVO, *versiones 23.2-EVO anteriores a 23.2R2-EVO.", }, ], id: "CVE-2024-39528", lastModified: "2024-11-21T09:27:56.103", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "sirt@juniper.net", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "sirt@juniper.net", type: "Primary", }, ], }, published: "2024-07-11T16:15:04.113", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA82987", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA82987", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.