CVE-2024-39548: Uncontrolled Resource Consumption in Juniper Networks Junos OS Evolved

Severity: 7.1 HIGH (NVD)
EPSS: 0.5% (top 35.81%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 11

Description

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service (DoS) condition. The processes do not recover on their own and must be manually restarted. This issue affects both IPv4 and IPv6.

Changes in memory usage can be monitored using the following CLI command:

    user@device> show system memory node | grep evo-aftmann

This issue affe

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5: juniper_networks/junos_os_evolved 21.3 21.3R3-S5-EVO +7

🔴 Vulnerability Details (2)

GHSA (2024-07-11)
GHSA-v47j-c7r7-829c: An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-base
CVEList (2024-07-11)
Junos OS Evolved: Receipt of specific packets in the aftmand process will lead to a memory leak

📋 Vendor Advisories (1)

Juniper (2024-07-11)
CVE-2024-39548: An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-base