CVE-2024-39561 — Improper Check for Unusual or Exceptional Conditions in Networks Junos OS

CWE-754 — Improper Check for Unusual or Exceptional Conditions4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 69.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedJul 10

Latest updateJul 11

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/FIN or SYN/RST should be dropped in flowd. However, when no-syn-check and Express Path are enabled, these TCP packets are unexpectedly transferred to the downstream network. This issue affects Jun…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os21.4 — 21.4R3-S7+7

▶NVDjuniper/junos< 21.2+8

🔴Vulnerability Details

GHSA

GHSA-xvm6-65jm-mc4g: An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000↗2024-07-11

▶

CVEList

Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path↗2024-07-10

▶

📋Vendor Advisories

Juniper

CVE-2024-39561: An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000↗2024-07-10

▶