// For flags

CVE-2024-30401

Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman

Severity Score

8.2
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.

Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.
This issue affects Junos OS on MX Series and EX9200-15C:


* from 21.2 before 21.2R3-S1,
* from 21.4 before 21.4R3,
* from 22.1 before 22.1R2,
* from 22.2 before 22.2R2; 




This issue does not affect:



* versions of Junos OS prior to 20.3R1;
* any version of Junos OS 20.4.

Una vulnerabilidad de lectura fuera de los límites en el proceso avanzado de gestión de reenvío de Juniper Networks Junos OS en la serie MX con tarjetas de línea MPC10E, MPC11, MX10K-LC9600, MX304 y EX9200-15C, puede permitir que un atacante aproveche un desbordamiento del búfer basado en la pila, lo que provocará un reinicio del FPC. A través de la revisión del código, se determinó que el código de definición de interfaz para aftman podía leer más allá del límite del búfer, lo que provocaba un desbordamiento del búfer basado en pila. Este problema afecta a Junos OS en la serie MX y EX9200-15C: * desde 21.2 antes de 21.2R3-S1, * desde 21.4 antes de 21.4R3, * desde 22.1 antes de 22.1R2, * desde 22.2 antes de 22.2R2; Este problema no afecta a: * versiones de Junos OS anteriores a 20.3R1; * cualquier versión de Junos OS 20.4.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
Present
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
None
None
Integrity
None
None
Availability
High
None
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-03-26 CVE Reserved
  • 2024-04-12 CVE Published
  • 2024-04-21 EPSS Updated
  • 2024-08-02 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper Networks
Search vendor "Juniper Networks"
Junos OS
Search vendor "Juniper Networks" for product "Junos OS"
>= 21.2 < 21.2R3-S1
Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.2 < 21.2R3-S1"
en
Affected
Juniper Networks
Search vendor "Juniper Networks"
Junos OS
Search vendor "Juniper Networks" for product "Junos OS"
>= 21.4 < 21.4R3
Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.4 < 21.4R3"
en
Affected
Juniper Networks
Search vendor "Juniper Networks"
Junos OS
Search vendor "Juniper Networks" for product "Junos OS"
>= 22.1 < 22.1R2
Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.1 < 22.1R2"
en
Affected
Juniper Networks
Search vendor "Juniper Networks"
Junos OS
Search vendor "Juniper Networks" for product "Junos OS"
>= 22.2 < 22.2R2
Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.2 < 22.2R2"
en
Affected