PT-2024-5572 · Juniper Networks · Junos Evolved
Published: 2024-06-25 · Updated: 2024-07-11 · CVE-2024-39535
CVSS v4.0: 7.1 (High)
Vector: AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS Evolved versions 22.4R2-S1 through 22.4R2-S2
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When specific traffic is received on a device with a Layer 3 or an IRB interface configured in a VPLS instance, the evo-pfemand processes crash, causing a service outage for the respective FPC until manual recovery.
Recommendations
For versions 22.4R2-S1 and 22.4R2-S2, update to version 22.4R3 to resolve the issue. As a temporary workaround, consider restricting traffic to the affected interface or implementing additional monitoring to quickly identify and respond to potential service outages.
Fix
Improper Check for Exceptional Conditions
Weakness Enumeration
Related Identifiers
Affected Products
Junos Evolved