CVE-2024-39513 — Improper Input Validation in Networks Junos OS Evolved

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 84.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Evolved Juniper Junos OS Evolved

Timeline

PublishedJul 10

Latest updateJul 11

Description

An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged attacker to cause a Denial of Service (DoS). When a specific "clear" command is run, the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) crashes and restarts. The crash impacts all traffic going through the FPCs, causing a DoS. Running the command repeatedly leads to a sustained DoS condition. This issue affects Junos OS Evo…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os_evolved21.2-EVO — 21.2R3-S7-EVO+8

▶NVDjuniper/junos_os_evolved< 20.4+9

🔴Vulnerability Details

GHSA

GHSA-c6q5-vmh3-8544: An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged a↗2024-07-11

▶

CVEList

Junos OS Evolved: Execution of a specific CLI command will cause a crash in the AFT manager↗2024-07-10

▶

📋Vendor Advisories

Juniper

CVE-2024-39513: An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged a↗2024-07-10

▶