CVE-2024-39551Uncontrolled Resource Consumption in Networks Junos OS

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.7HIGHNVD
EPSS
0.5%
top 32.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJul 11

Description

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. The memory usage can be monitored using the below command. user@host> show usp mem

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os20.420.4R3-S10+8
NVDjuniper/junos9 versions+8

🔴Vulnerability Details

2
CVEList
Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop2024-07-11
GHSA
GHSA-ggg9-6q5p-37j3: An Uncontrolled Resource Consumption vulnerability in the H2024-07-11

📋Vendor Advisories

1
Juniper
CVE-2024-39551: An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of  Juniper Networks Junos OS on SRX Series and MX Ser2024-07-11
CVE-2024-39551 — Uncontrolled Resource Consumption | cvebase