6.9

CVE-2024-30389

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.

When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.
This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.
This issue does not affect Junos OS releases earlier than 21.4R1.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version21.4 Updater1
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater1-s1
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater1-s2
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater2
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater2-s1
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater2-s2
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3-s1
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3-s2
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3-s3
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3-s4
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
JuniperJunos Version21.4 Updater3-s5
   JuniperEx4300 Version-
   JuniperEx4300-24p Version-
   JuniperEx4300-24p-s Version-
   JuniperEx4300-24t Version-
   JuniperEx4300-24t-s Version-
   JuniperEx4300-32f Version-
   JuniperEx4300-32f-dc Version-
   JuniperEx4300-32f-s Version-
   JuniperEx4300-48mp Version-
   JuniperEx4300-48mp-s Version-
   JuniperEx4300-48p Version-
   JuniperEx4300-48p-s Version-
   JuniperEx4300-48t Version-
   JuniperEx4300-48t-afi Version-
   JuniperEx4300-48t-dc Version-
   JuniperEx4300-48t-dc-afi Version-
   JuniperEx4300-48t-s Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.16% 0.377
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
sirt@juniper.net 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
sirt@juniper.net 5.8 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-696 Incorrect Behavior Order

The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.