CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2024-30380 – Junos OS and Junos OS Evolved: l2cpd crash upon receipt of a specific TLV
https://notcve.org/view.php?id=CVE-2024-30380
An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS), which causes the l2cpd process to crash by sending a specific TLV. The l2cpd process is responsible for layer 2 control protocols, such as STP, RSTP, MSTP, VSTP, ERP, and LLDP. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP, leading to a Denial of Service. Continued receipt and processing of this specific TLV will create a sustained Denial of Service (DoS) condition. This issue affects: Junos OS: all versions before 20.4R3-S9, from 21.2 before 21.2R3-S7, from 21.3 before 21.3R3-S5, from 21.4 before 21.4R3-S4, from 22.1 before 22.1R3-S4, from 22.2 before 22.2R3-S2, from 22.3 before 22.3R2-S2, 22.3R3-S1, from 22.4 before 22.4R2-S2, 22.4R3, from 23.2 before 23.2R1-S1, 23.2R2; Junos OS Evolved: all versions before 21.2R3-S7, from 21.3 before 21.3R3-S5-EVO, from 21.4 before 21.4R3-S5-EVO, from 22.1 before 22.1R3-S4-EVO, from 22.2 before 22.2R3-S2-EVO, from 22.3 before 22.3R2-S2-EVO, 22.3R3-S1-EVO, from 22.4 before 22.4R2-S2-EVO, 22.4R3-EVO, from 23.2 before 23.2R1-S1-EVO, 23.2R2-EVO. Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque una denegación de servicio (DoS), lo que provoca que el proceso l2cpd se bloquee al enviar un TLV específico. El proceso l2cpd es responsable de los protocolos de control de capa 2, como STP, RSTP, MSTP, VSTP, ERP y LLDP. • https://supportportal.juniper.net/JSA79171 https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30378 – Junos OS: MX Series: bbe-smgd process crash upon execution of specific CLI commands
https://notcve.org/view.php?id=CVE-2024-30378
A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to crash upon execution of specific CLI commands, creating a Denial of Service (DoS) condition. The process crashes and restarts automatically. When specific CLI commands are executed, the bbe-smgd daemon attempts to write into an area of memory (mgd socket) that was already closed, causing the process to crash. This process manages and controls the configuration of broadband subscriber sessions and services. While the process is unavailable, additional subscribers will not be able to connect to the device, causing a temporary Denial of Service condition. This issue only occurs if Graceful Routing Engine Switchover (GRES) and Subscriber Management are enabled. This issue affects Junos OS: * All versions before 20.4R3-S5, * from 21.1 before 21.1R3-S4, * from 21.2 before 21.2R3-S3, * from 21.3 before 21.3R3-S5, * from 21.4 before 21.4R3-S5, * from 22.1 before 22.1R3, * from 22.2 before 22.2R3, * from 22.3 before 22.3R2; Una vulnerabilidad Use After Free en el procesamiento de comandos de Juniper Networks Junos OS en la serie MX permite que un atacante local autenticado provoque que el demonio del administrador de servicios de banda ancha (bbe-smgd) se bloquee al ejecutar comandos CLI específicos, creando una condición de denegación de servicio ( DoS). El proceso falla y se reinicia automáticamente. • https://supportportal.juniper.net/JSA79109 https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L • CWE-416: Use After Free •
CVSS: 8.2EPSS: 0%CPEs: 15EXPL: 0CVE-2024-30402 – Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription
https://notcve.org/view.php?id=CVE-2024-30402
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the device, and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attackers control. Repeated occurrences of these events causes a sustained DoS condition. This issue affects: Junos OS: * All versions earlier than 20.4R3-S10; * 21.2 versions earlier than 21.2R3-S7; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R1-S2, 23.2R2. Junos OS Evolved: * All versions earlier than 21.4R3-S5-EVO; * 22.1-EVO versions earlier than 22.1R3-S4-EVO; * 22.2-EVO versions earlier than 22.2R3-S3-EVO; * 22.3-EVO versions earlier than 22.3R3-S1-EVO; * 22.4-EVO versions earlier than 22.4R3-EVO; * 23.2-EVO versions earlier than 23.2R2-EVO. Una verificación inadecuada de la vulnerabilidad de condiciones inusuales o excepcionales en el daemon de aprendizaje de direcciones de capa 2 (l2ald) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque una denegación de servicio (DoS). Cuando se envían solicitudes de telemetría al dispositivo y el daemon de renderizado dinámico (drend) se suspende, l2ald falla y se reinicia debido a factores fuera del control de los atacantes. La ocurrencia repetida de estos eventos causa una condición DoS sostenida. • https://supportportal.juniper.net/JSA79180 https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-30401 – Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman
https://notcve.org/view.php?id=CVE-2024-30401
An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC. Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow. This issue affects Junos OS on MX Series and EX9200-15C: * from 21.2 before 21.2R3-S1, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2, * from 22.2 before 22.2R2; This issue does not affect: * versions of Junos OS prior to 20.3R1; * any version of Junos OS 20.4. Una vulnerabilidad de lectura fuera de los límites en el proceso avanzado de gestión de reenvío de Juniper Networks Junos OS en la serie MX con tarjetas de línea MPC10E, MPC11, MX10K-LC9600, MX304 y EX9200-15C, puede permitir que un atacante aproveche un desbordamiento del búfer basado en la pila, lo que provocará un reinicio del FPC. A través de la revisión del código, se determinó que el código de definición de interfaz para aftman podía leer más allá del límite del búfer, lo que provocaba un desbordamiento del búfer basado en pila. Este problema afecta a Junos OS en la serie MX y EX9200-15C: * desde 21.2 antes de 21.2R3-S1, * desde 21.4 antes de 21.4R3, * desde 22.1 antes de 22.1R2, * desde 22.2 antes de 22.2R2; Este problema no afecta a: * versiones de Junos OS anteriores a 20.3R1; * cualquier versión de Junos OS 20.4. • https://supportportal.juniper.net/JSA79110 https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N • CWE-125: Out-of-bounds Read •
CVSS: 8.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30398 – Junos OS: SRX4600 Series - A high amount of specific traffic causes packet drops and an eventual PFE crash
https://notcve.org/view.php?id=CVE-2024-30398
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs. This results in packet drops in the traffic and eventually the PFE crashes. A manual reboot of the PFE will be required to restore the device to original state. This issue affects Junos OS: * 21.2 before 21.2R3-S7, * 21.4 before 21.4R3-S6, * 22.1 before 22.1R3-S5, * 22.2 before 22.2R3-S3, * 22.3 before 22.3R3-S2, * 22.4 before 22.4R3, * 23.2 before 23.2R1-S2, 23.2R2. Una restricción inadecuada de operaciones dentro de los límites de una vulnerabilidad de búfer de memoria en el motor de reenvío de paquetes (PFE) de Juniper Networks Junos OS permite que un atacante no autenticado basado en la red provoque una denegación de servicio (DoS). Cuando se recibe una gran cantidad de tráfico específico en un dispositivo SRX4600, debido a un error en el manejo de paquetes internos, se produce un aumento constante en la utilización de la memoria de la CPU. • https://supportportal.juniper.net/JSA79176 https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •