CVE-2024-30410

Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.

Severity Score

6.9

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter takes precedence over the revenue interface firewall filter.

This issue affects only IPv6 firewall filter.

This issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability.

This issue affects Juniper Networks Junos OS:

* All versions before 20.4R3-S10,
* from 21.2 before 21.2R3-S7,
* from 21.4 before 21.4R3-S6.

Un orden de comportamiento incorrecto en el motor de enrutamiento (RE) de Juniper Networks Junos OS en la serie EX4300 permite que el tráfico destinado al dispositivo llegue al RE en lugar de descartarse cuando el término de descarte se establece en la interfaz de bucle invertido (lo0). La función prevista es que el filtro de firewall lo0 tenga prioridad sobre el filtro de firewall de la interfaz de ingresos. Este problema afecta únicamente al filtro de firewall IPv6. Este problema sólo afecta al conmutador EX4300. Ningún otro producto o plataforma se ve afectado por esta vulnerabilidad. Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S10, * desde 21.2 anterior a 21.2R3-S7, * desde 21.4 anterior a 21.4R3-S6.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

System

Vulnerable | Subsequent

Confidentiality

None

Integrity

None

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-26 CVE Reserved
2024-04-12 CVE Published
2024-04-21 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-696: Incorrect Behavior Order

CAPEC

References (2)

URL	Tag	Source
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N	Technical Description

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://supportportal.juniper.net/JSA79100	2024-05-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Juniper Networks Search vendor "Juniper Networks"		Junos Search vendor "Juniper Networks" for product "Junos"				< 20.4R3-S10 Search vendor "Juniper Networks" for product "Junos" and version " < 20.4R3-S10"		en		Affected
Juniper Networks Search vendor "Juniper Networks"		Junos Search vendor "Juniper Networks" for product "Junos"				>= 21.2 < 21.2R3-S7 Search vendor "Juniper Networks" for product "Junos" and version " >= 21.2 < 21.2R3-S7"		en		Affected
Juniper Networks Search vendor "Juniper Networks"		Junos Search vendor "Juniper Networks" for product "Junos"				>= 21.4 < 21.4R3-S6 Search vendor "Juniper Networks" for product "Junos" and version " >= 21.4 < 21.4R3-S6"		en		Affected