PT-2024-2939 · Juniper Networks · Junos+1
Published: 2024-04-10 · Updated: 2025-02-06 · CVE-2024-30409
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Junos OS versions 22.1 before 22.1R1-S2, 22.1R2
Junos OS Evolved versions 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO
Description
The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the telemetry processing of Juniper Networks Junos OS and Junos OS Evolved. This vulnerability allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of Service.
Recommendations
For Junos OS versions 22.1 before 22.1R1-S2, 22.1R2, update to version 22.1R1-S2 or 22.1R2 or later.
For Junos OS Evolved versions 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO, update to version 22.1R1-S2-EVO or 22.1R2-EVO or later.
As a temporary workaround, consider disabling the fibtd daemon until a patch is available.
Fix
DoS
Improper Check for Exceptional Conditions
Affected Products
Junos
Junos Evolved