CVE-2024-39532 – Junos OS and Junos OS Evolved: Confidential information in logs can be accessed by another user
https://notcve.org/view.php?id=CVE-2024-39532
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information. This issue affects: Junos OS: * All versions before 22.1R2-S2, * 22.1R3 and later versions, * 22.2 versions before 22.2R2-S1, 22.2R3, * 22.3 versions before 22.3R1-S2, 22.3R2; Junos OS Evolved: * All versions before before 22.1R3-EVO, * 22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO, * 22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO. • https://supportportal.juniper.net/JSA82992 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-39530 – Junos OS: Attempting to access specific sensors on platforms not supporting these will lead to a chassisd crash
https://notcve.org/view.php?id=CVE-2024-39530
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an attempt is made to access specific sensors on platforms not supporting these sensors, either via GRPC or netconf, chassisd will crash and restart leading to a restart of all FPCs and thereby a complete outage. This issue affects Junos OS: * 21.4 versions from 21.4R3 before 21.4R3-S5, * 22.1 versions from 22.1R3 before 22.1R3-S4, * 22.2 versions from 22.2R2 before 22.2R3, * 22.3 versions from 22.3R1 before 22.3R2-S2, 22.3R3, * 22.4 versions from 22.4R1 before 22.4R2. This issue does not affect Junos OS versions earlier than 21.4. • https://supportportal.juniper.net/JSA82989 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2024-39529 – Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash
https://notcve.org/view.php?id=CVE-2024-39529
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service. This issue affects Junos OS: * All versions before 21.4R3-S6, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2. • https://supportportal.juniper.net/JSA82988 • CWE-134: Use of Externally-Controlled Format String •
CVE-2024-39528 – Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-39528
A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S2, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2. Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S5-EVO, * 22.2-EVO versions before 22.2R3-S3-EVO, * 22.3-EVO versions before 22.3R3-S2-EVO, * 22.4-EVO versions before 22.4R3-EVO, * 23.2-EVO versions before 23.2R2-EVO. • https://supportportal.juniper.net/JSA82987 • CWE-416: Use After Free •
CVE-2024-39518 – Junos OS: MX240, MX480, MX960 platforms using MPC10E: Memory leak will be observed when subscribed to a specific subscription on Junos Telemetry Interface
https://notcve.org/view.php?id=CVE-2024-39518
A Heap-based Buffer Overflow vulnerability in the telemetry sensor process (sensord) of Juniper Networks Junos OS on MX240, MX480, MX960 platforms using MPC10E causes a steady increase in memory utilization, ultimately leading to a Denial of Service (DoS). When the device is subscribed to a specific subscription on Junos Telemetry Interface, a slow memory leak occurs and eventually all resources are consumed and the device becomes unresponsive. A manual reboot of the Line Card will be required to restore the device to its normal functioning. This issue is only seen when telemetry subscription is active. The Heap memory utilization can be monitored using the following command: > show system processes extensive The following command can be used to monitor the memory utilization of the specific sensor > show system info | match sensord PID NAME MEMORY PEAK MEMORY %CPU THREAD-COUNT CORE-AFFINITY UPTIME 1986 sensord 877.57MB 877.57MB 2 4 0,2-15 7-21:41:32 This issue affects Junos OS: * from 21.2R3-S5 before 21.2R3-S7, * from 21.4R3-S4 before 21.4R3-S6, * from 22.2R3 before 22.2R3-S4, * from 22.3R2 before 22.3R3-S2, * from 22.4R1 before 22.4R3, * from 23.2R1 before 23.2R2. Una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en el proceso del sensor de telemetría (sensord) de Juniper Networks Junos OS en plataformas MX240, MX480, MX960 que utilizan MPC10E provoca un aumento constante en la utilización de la memoria, lo que en última instancia conduce a una denegación de servicio (DoS). Cuando el dispositivo está suscrito a una suscripción específica en Junos Telemetry Interface, se produce una pérdida lenta de memoria y, finalmente, se consumen todos los recursos y el dispositivo deja de responder. Será necesario reiniciar manualmente la tarjeta de línea para restaurar el dispositivo a su funcionamiento normal. • https://supportportal.juniper.net/JSA82982 • CWE-122: Heap-based Buffer Overflow •