CVE-2024-39513
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged attacker to cause a Denial of Service (DoS).
When a specific "clear" command is run, the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) crashes and restarts.
The crash impacts all traffic going through the FPCs, causing a DoS. Running the command repeatedly leads to a sustained DoS condition. This issue affects Junos OS Evolved:
- All versions before 20.4R3-S9-EVO,
- from 21.2-EVO before 21.2R3-S7-EVO,
- from 21.3-EVO before 21.3R3-S5-EVO,
- from 21.4-EVO before 21.4R3-S6-EVO,
- from 22.1-EVO before 22.1R3-S4-EVO,
- from 22.2-EVO before 22.2R3-S3-EVO,
- from 22.3-EVO before 22.3R3-S3-EVO,
- from 22.4-EVO before 22.4R3-EVO,
- from 23.2-EVO before 23.2R2-EVO.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved | 0 < 20.4R3-S9-EVO | affected |
| Juniper Networks | Junos OS Evolved | 21.2-EVO < 21.2R3-S7-EVO | affected |
| Juniper Networks | Junos OS Evolved | 21.3-EVO < 21.3R3-S5-EVO | affected |
| Juniper Networks | Junos OS Evolved | 21.4-EVO < 21.4R3-S6-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.1-EVO < 22.1R3-S4-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.2-EVO < 22.2R3-S3-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.3-EVO < 22.3R3-S3-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.4-EVO < 22.4R3-EVO | affected |
| Juniper Networks | Junos OS Evolved | 23.2-EVO < 23.2R2-EVO | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
Workarounds
There are no known workarounds for this issue.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.