8.7
CVE-2024-30382
- EPSS 0.49%
- Published 12.04.2024 16:15:37
- Last modified 06.02.2025 20:37:07
- Source sirt@juniper.net
- Teams watchlist Login
- Open Login
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS). This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below). This issue affects: Junos OS: * all versions before 20.4R3-S10, * from 21.2 before 21.2R3-S8, * from 21.3 before 21.3R3, * from 21.4 before 21.4R3, * from 22.1 before 22.1R2; Junos OS Evolved: * all versions before 21.2R3-S8-EVO, * from 21.3 before 21.3R3-EVO, * from 21.4 before 21.4R3-EVO, * from 22.1 before 22.1R2-EVO.
Data is provided by the National Vulnerability Database (NVD)
Juniper ≫ Junos Os Evolved Version < 21.2
Juniper ≫ Junos Os Evolved Version21.2 Update-
Juniper ≫ Junos Os Evolved Version21.2 Updater1
Juniper ≫ Junos Os Evolved Version21.2 Updater1-s1
Juniper ≫ Junos Os Evolved Version21.2 Updater1-s2
Juniper ≫ Junos Os Evolved Version21.2 Updater2
Juniper ≫ Junos Os Evolved Version21.2 Updater2-s1
Juniper ≫ Junos Os Evolved Version21.2 Updater2-s2
Juniper ≫ Junos Os Evolved Version21.2 Updater3
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s1
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s2
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s3
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s4
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s5
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s6
Juniper ≫ Junos Os Evolved Version21.2 Updater3-s7
Juniper ≫ Junos Os Evolved Version21.3 Update-
Juniper ≫ Junos Os Evolved Version21.3 Updater1
Juniper ≫ Junos Os Evolved Version21.3 Updater1-s1
Juniper ≫ Junos Os Evolved Version21.3 Updater2
Juniper ≫ Junos Os Evolved Version21.3 Updater2-s1
Juniper ≫ Junos Os Evolved Version21.3 Updater2-s2
Juniper ≫ Junos Os Evolved Version21.4 Update-
Juniper ≫ Junos Os Evolved Version21.4 Updater1
Juniper ≫ Junos Os Evolved Version21.4 Updater1-s1
Juniper ≫ Junos Os Evolved Version21.4 Updater1-s2
Juniper ≫ Junos Os Evolved Version21.4 Updater2
Juniper ≫ Junos Os Evolved Version21.4 Updater2-s1
Juniper ≫ Junos Os Evolved Version21.4 Updater2-s2
Juniper ≫ Junos Os Evolved Version22.1 Update-
Juniper ≫ Junos Os Evolved Version22.1 Updater1
Juniper ≫ Junos Os Evolved Version22.1 Updater1-s1
Juniper ≫ Junos Os Evolved Version22.1 Updater1-s2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.646 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| sirt@juniper.net | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| sirt@juniper.net | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-755 Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.