CVE-2024-39530Improper Check for Unusual or Exceptional Conditions in Networks Junos OS

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
8.7HIGHNVD
EPSS
0.4%
top 39.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJul 11

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an attempt is made to access specific sensors on platforms not supporting these sensors, either via GRPC or netconf, chassisd will crash and restart leading to a restart of all FPCs and thereby a complete outage. This issue affects Junos OS: * 21.4 versions from

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.4R321.4R3-S5+4
NVDjuniper/junos5 versions+4

🔴Vulnerability Details

2
CVEList
Junos OS: Attempting to access specific sensors on platforms not supporting these will lead to a chassisd crash2024-07-11
GHSA
GHSA-jfwc-jh6j-8hrp: An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows2024-07-11

📋Vendor Advisories

1
Juniper
CVE-2024-39530: An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows2024-07-11
CVE-2024-39530 — Networks Junos OS vulnerability | cvebase