CVE-2024-39541
published 2024-07-11CVE-2024-39541: An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an…
high7.1CVSS 4.0
AVAACLATNPRNUINVCNVINVAHSCNSINSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart.
This issue affects:
Junos OS:
* 22.4 versions before 22.4R3-S1,
* 23.2 versions before 23.2R2,
* 23.4 versions before 23.4R1-S1, 23.4R2,
This issue does not affect Junos OS versions earlier than 22.4R1.
Junos OS Evolved:
* 22.4-EVO versions before 22.4R3-S2-EVO,
* 23.2-EVO versions before 23.2R2-EVO,
* 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO,
This issue does not affect Junos OS Evolved versions earlier than
before 22.4R1.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper | junos_os_evolved | — | — |
| juniper_networks | junos_os | >= 22.4 < 22.4R3-S1 | 22.4R3-S1 |
| juniper_networks | junos_os | >= 23.2 < 23.2R2 | 23.2R2 |
| juniper_networks | junos_os | >= 23.4 < 23.4R1-S1, 23.4R2 | 23.4R1-S1, 23.4R2 |
| juniper_networks | junos_os_evolved | >= 22.4-EVO < 22.4R3-S2-EVO | 22.4R3-S2-EVO |
| juniper_networks | junos_os_evolved | >= 23.2-EVO < 23.2R2-EVO | 23.2R2-EVO |
| juniper_networks | junos_os_evolved | >= 23.4-EVO < 23.4R1-S1-EVO, 23.4R2-EVO | 23.4R1-S1-EVO, 23.4R2-EVO |