CVE-2024-30382
Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS).
This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below).
This issue affects:
Junos OS:
* all versions before 20.4R3-S10,
* from 21.2 before 21.2R3-S8,
* from 21.3 before 21.3R3,
* from 21.4 before 21.4R3,
* from 22.1 before 22.1R2;
Junos OS Evolved:
* all versions before 21.2R3-S8-EVO,
* from 21.3 before 21.3R3-EVO,
* from 21.4 before 21.4R3-EVO,
* from 22.1 before 22.1R2-EVO.
Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el daemon del protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red envíe una actualización de enrutamiento específica, lo que provoca un núcleo rpd debido a la corrupción de la memoria, lo que lleva a una denegación de servicio (DoS). Este problema solo se puede desencadenar cuando el sistema está configurado para el reenvío basado en CoS (CBF) con un mapa de políticas que contiene una acción cos-next-hop-map (ver más abajo). Este problema afecta a: Junos OS: * todas las versiones anteriores a 20.4R3-S10, * desde 21.2 anterior a 21.2R3-S8, * desde 21.3 anterior a 21.3R3, * desde 21.4 anterior a 21.4R3, * desde 22.1 anterior a 22.1R2; Junos OS Evolved: * todas las versiones anteriores a 21.2R3-S8-EVO, * desde 21.3 anteriores a 21.3R3-EVO, * desde 21.4 anteriores a 21.4R3-EVO, * desde 22.1 anteriores a 22.1R2-EVO.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-03-26 CVE Reserved
- 2024-04-12 CVE Published
- 2024-04-21 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-755: Improper Handling of Exceptional Conditions
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | Technical Description |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://supportportal.juniper.net/JSA79174 | 2024-05-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | < 20.4R3-S10 Search vendor "Juniper Networks" for product "Junos OS" and version " < 20.4R3-S10" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.2 < 21.2R3-S8 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.2 < 21.2R3-S8" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.3 < 21.3R3 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.3 < 21.3R3" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.4 < 21.4R3 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.4 < 21.4R3" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 22.1 < 22.1R2 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.1 < 22.1R2" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | < 21.2R3-S8-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " < 21.2R3-S8-EVO" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 21.3 < 21.3R3-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 21.3 < 21.3R3-EVO" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 21.4 < 21.4R3-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 21.4 < 21.4R3-EVO" | en |
Affected
| ||||||
Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 22.1 < 22.1R2-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 22.1 < 22.1R2-EVO" | en |
Affected
|