CVE-2024-39511

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.2 prior to 21.2R3-S7 Junos OS versions 21.4 prior to 21.4R3-S6 Junos OS versions 22.1 prior to 22.1R3-S5 Junos OS versions 22.2 prior to 22.2R3-S3 Junos OS versions 22.3 prior to 22.3R3-S2 Junos OS versions 22.4 prior to 22.4R3-S1 Junos OS versions 23.2 prior to 23.2R2

Description An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper Networks Junos OS allows a local, low-privileged attacker with access to the CLI to cause a Denial of Service (DoS). On running a specific operational dot1x command, the dot1x daemon crashes. An attacker can cause a sustained DoS condition by running this command repeatedly. When the crash occurs, the authentication status of any 802.1x clients is cleared, and any authorized dot1x port becomes unauthorized. The client cannot re-authenticate until the dot1x daemon restarts.

Recommendations For Junos OS versions prior to 20.4R3-S10, update to version 20.4R3-S10 or later. For Junos OS versions 21.2 prior to 21.2R3-S7, update to version 21.2R3-S7 or later. For Junos OS versions 21.4 prior to 21.4R3-S6, update to version 21.4R3-S6 or later. For Junos OS versions 22.1 prior to 22.1R3-S5, update to version 22.1R3-S5 or later. For Junos OS versions 22.2 prior to 22.2R3-S3, update to version 22.2R3-S3 or later. For Junos OS versions 22.3 prior to 22.3R3-S2, update to version 22.3R3-S2 or later. For Junos OS versions 22.4 prior to 22.4R3-S1, update to version 22.4R3-S1 or later. For Junos OS versions 23.2 prior to 23.2R2, update to version 23.2R2 or later.