CVE-2024-30390 — Improper Restriction of Excessive Authentication Attempts in Networks Junos OS Evolved

CWE-307 — Improper Restriction of Excessive Authentication Attempts4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 77.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Evolved Juniper Junos OS Evolved

Timeline

PublishedApr 12

Description

An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the connections-per-second rate-limit, the system doesn't consider existing connections anymore for subsequent connection attempts so that the connection limit can be exceeded. This issue affects Junos OS Evol…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os_evolved22.1-EVO — 22.1R3-S3-EVO+3

▶NVDjuniper/junos_os_evolved< 21.4+4

🔴Vulnerability Details

CVEList

Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enforced↗2024-04-12

▶

GHSA

GHSA-6w72-x59c-h2c9: An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-bas↗2024-04-12

▶

📋Vendor Advisories

Juniper

CVE-2024-30390: An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-bas↗2024-04-12

▶