CVE-2024-39558: Unchecked Return Value in Networks Junos OS

Severity: 7.1 HIGH (NVD)
EPSS: 0.2% (top 59.33%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 10; Latest update Jul 11

Description

An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows a logically adjacent, unauthenticated attacker sending a specific PIM packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS), when PIM is configured with Multicast-only Fast Reroute (MoFRR). Continued receipt and processing of this packet may create a sustained Denial of Service (DoS) condition. This issue is observed on

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (4 packages)

CVEListV5  juniper_networks/junos_os_evolved  21.2R1-EVO  21.2*-EVO  +6
NVD  juniper/junos_os_evolved  21.2  21.3  +7
CVEListV5  juniper_networks/junos_os  21.2  21.2R3-S7  +6
NVD  juniper/junos  < 20.4  +7

🔴 Vulnerability Details (2)

GHSA: GHSA-g4g7-53j7-gxq9: An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows (2024-07-11)
CVEList: Junos OS and Junos OS Evolved: Receipt of specific PIM packet causes rpd crash when PIM is configured along with MoFRR (2024-07-10)

📋 Vendor Advisories (1)

Juniper: CVE-2024-39558: An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows (2024-07-10)