CVE-2024-39519Improper Check for Unusual or Exceptional Conditions in Networks Junos OS Evolved

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.2%
top 52.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OS EvolvedJuniper Junos OS Evolved
Timeline
PublishedJul 11

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). On all ACX 7000 Series platforms running Junos OS Evolved, and configured with IRBs, if a Customer Edge device (CE) device is dual homed to two Provider Edge devices (PE) a traffic loop will occur when the CE sends multicast packets. This issue can be t

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os_evolved22.4-EVO22.4R2-EVO+3
NVDjuniper/junos_os_evolved22.222.4+1

🔴Vulnerability Details

2
CVEList
Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario2024-07-11
GHSA
GHSA-cr76-625x-q34w: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on AC2024-07-11

📋Vendor Advisories

1
Juniper
CVE-2024-39519: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on AC2024-07-11
CVE-2024-39519 — HIGH severity | cvebase