{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30388", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-03-26T23:06:17.993Z", "datePublished": "2024-04-12T15:09:12.944Z", "dateUpdated": "2024-08-02T01:32:07.381Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["QFX5000 Series", "EX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "20.4R3-S8", "status": "affected", "version": "20.4R3-S4", "versionType": "semver"}, {"lessThan": "21.2R3-S6", "status": "affected", "version": "21.2R3-S2", "versionType": "semver"}, {"lessThan": "21.4R3-S4", "status": "affected", "version": "21.4R2", "versionType": "semver"}, {"lessThan": "22.1R3-S3", "status": "affected", "version": "22.1R2", "versionType": "semver"}, {"lessThan": "22.2R3-S1", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R2-S2, 22.3R3", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R2-S1, 22.4R3", "status": "affected", "version": "22.4", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">To be affected by this issue the device must have an LACP configuration as shown in the following example must be present</span>:<br><br>&nbsp; [ interfaces &lt;interface&gt; ...ether-options&nbsp;802.3ad ae&lt;number&gt; ]<br>&nbsp; [ interfaces ae&lt;number&gt; aggregated-ether-options lacp ]<br>"}], "value": "To be affected by this issue the device must have an LACP configuration as shown in the following example must be present:\n\n\u00a0 [ interfaces <interface> ...ether-options\u00a0802.3ad ae<number> ]\n\u00a0 [ interfaces ae<number> aggregated-ether-options lacp ]"}], "datePublic": "2024-04-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).<br><br>If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.<br><p>This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:</p><p></p><ul><li>20.4 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">20.4R3-S4</span>\n\nbefore 20.4R3-S8,</li><li><span style=\"background-color: var(--wht);\">21.2 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">21.2R3-S2</span>\n\nbefore 21.2R3-S6,</span></li><li><span style=\"background-color: var(--wht);\">21.4 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">21.4R2</span>\n\nbefore 21.4R3-S4,</span><br></li><li>22.1 versions from\n\n<span style=\"background-color: rgb(255, 255, 255);\">22.1R2</span>\n\n before 22.1R3-S3,</li><li>22.2 versions before 22.2R3-S1,</li><li>22.3 versions before 22.3R2-S2, 22.3R3,</li><li>22.4 versions before 22.4R2-S1, 22.4R3.</li></ul><p></p>"}], "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\nThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\n\n\n\n * 20.4 versions from \n\n20.4R3-S4\n\nbefore 20.4R3-S8,\n * 21.2 versions from \n\n21.2R3-S2\n\nbefore 21.2R3-S6,\n * 21.4 versions from \n\n21.4R2\n\nbefore 21.4R3-S4,\n\n * 22.1 versions from\n\n22.1R2\n\n before 22.1R3-S3,\n * 22.2 versions before 22.2R3-S1,\n * 22.3 versions before 22.3R2-S2, 22.3R3,\n * 22.4 versions before 22.4R2-S1, 22.4R3."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en"}]}, {"descriptions": [{"cweId": "CWE-653", "description": "CWE-653: Improper Isolation or Compartmentalization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T20:18:38.432Z"}, "references": [{"tags": ["vendor-advisory"], "url": "http://supportportal.juniper.net/JSA79089"}, {"tags": ["technical-description"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.</p>"}], "value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases."}], "source": {"advisory": "JSA79089", "defect": ["1711783"], "discovery": "USER"}, "timeline": [{"lang": "en", "time": "2024-04-10T16:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>"}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-av217"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T16:25:58.944143Z", "id": "CVE-2024-30388", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T16:26:57.448Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.381Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "http://supportportal.juniper.net/JSA79089"}, {"tags": ["technical-description", "x_transferred"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://supportportal.juniper.net/JSA79089", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["technical-description", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.381Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30388", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-31T16:25:58.944143Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T16:26:54.240Z"}}], "cna": {"title": "Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps", "source": {"defect": ["1711783"], "advisory": "JSA79089", "discovery": "USER"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "20.4R3-S4", "lessThan": "20.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "21.2R3-S2", "lessThan": "21.2R3-S6", "versionType": "semver"}, {"status": "affected", "version": "21.4R2", "lessThan": "21.4R3-S4", "versionType": "semver"}, {"status": "affected", "version": "22.1R2", "lessThan": "22.1R3-S3", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S1", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R2-S2, 22.3R3", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R2-S1, 22.4R3", "versionType": "semver"}], "platforms": ["QFX5000 Series", "EX Series"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2024-04-10T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "<p>The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.</p>", "base64": false}]}], "datePublic": "2024-04-10T16:00:00.000Z", "references": [{"url": "http://supportportal.juniper.net/JSA79089", "tags": ["vendor-advisory"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["technical-description"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-av217"}, "descriptions": [{"lang": "en", "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\nThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\n\n\n\n * 20.4 versions from \n\n20.4R3-S4\n\nbefore 20.4R3-S8,\n * 21.2 versions from \n\n21.2R3-S2\n\nbefore 21.2R3-S6,\n * 21.4 versions from \n\n21.4R2\n\nbefore 21.4R3-S4,\n\n * 22.1 versions from\n\n22.1R2\n\n before 22.1R3-S3,\n * 22.2 versions before 22.2R3-S1,\n * 22.3 versions before 22.3R2-S2, 22.3R3,\n * 22.4 versions before 22.4R2-S1, 22.4R3.", "supportingMedia": [{"type": "text/html", "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).<br><br>If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.<br><p>This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:</p><p></p><ul><li>20.4 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">20.4R3-S4</span>\n\nbefore 20.4R3-S8,</li><li><span style=\"background-color: var(--wht);\">21.2 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">21.2R3-S2</span>\n\nbefore 21.2R3-S6,</span></li><li><span style=\"background-color: var(--wht);\">21.4 versions from \n\n<span style=\"background-color: rgb(255, 255, 255);\">21.4R2</span>\n\nbefore 21.4R3-S4,</span><br></li><li>22.1 versions from\n\n<span style=\"background-color: rgb(255, 255, 255);\">22.1R2</span>\n\n before 22.1R3-S3,</li><li>22.2 versions before 22.2R3-S1,</li><li>22.3 versions before 22.3R2-S2, 22.3R3,</li><li>22.4 versions before 22.4R2-S1, 22.4R3.</li></ul><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Denial of Service (DoS)"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-653", "description": "CWE-653: Improper Isolation or Compartmentalization"}]}], "configurations": [{"lang": "en", "value": "To be affected by this issue the device must have an LACP configuration as shown in the following example must be present:\n\n\u00a0 [ interfaces <interface> ...ether-options\u00a0802.3ad ae<number> ]\n\u00a0 [ interfaces ae<number> aggregated-ether-options lacp ]", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">To be affected by this issue the device must have an LACP configuration as shown in the following example must be present</span>:<br><br>&nbsp; [ interfaces &lt;interface&gt; ...ether-options&nbsp;802.3ad ae&lt;number&gt; ]<br>&nbsp; [ interfaces ae&lt;number&gt; aggregated-ether-options lacp ]<br>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T20:18:38.432Z"}}}, "cveMetadata": {"cveId": "CVE-2024-30388", "state": "PUBLISHED", "dateUpdated": "2024-08-02T01:32:07.381Z", "dateReserved": "2024-03-26T23:06:17.993Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-04-12T15:09:12.944Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\nThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\n\n\n\n * 20.4 versions from \n\n20.4R3-S4\n\nbefore 20.4R3-S8,\n * 21.2 versions from \n\n21.2R3-S2\n\nbefore 21.2R3-S6,\n * 21.4 versions from \n\n21.4R2\n\nbefore 21.4R3-S4,\n\n * 22.1 versions from\n\n22.1R2\n\n before 22.1R3-S3,\n * 22.2 versions before 22.2R3-S1,\n * 22.3 versions before 22.3R2-S2, 22.3R3,\n * 22.4 versions before 22.4R2-S1, 22.4R3."}, {"lang": "es", "value": "Una vulnerabilidad de aislamiento o compartimentaci\u00f3n incorrecta en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS en las series QFX5000 y EX permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Si un paquete LACP espec\u00edfico con formato incorrecto es recibido por un dispositivo de la serie QFX5000 o un dispositivo de la serie EX4400, EX4100 o EX4650, se producir\u00e1 una falla de LACP que provocar\u00e1 una p\u00e9rdida de tr\u00e1fico. Este problema afecta a Junos OS en la serie QFX5000 y en las series EX4400, EX4100 o EX4650: * versiones 20.4 desde 20.4R3-S4 antes de 20.4R3-S8, * versiones 21.2 desde 21.2R3-S2 antes de 21.2R3-S6, * versiones 21.4 de 21.4R2 anterior a 21.4R3-S4, * 22.1 versiones anteriores a 22.1R2 anterior a 22.1R3-S3, * 22.2 versiones anteriores a 22.2R3-S1, * 22.3 versiones anteriores a 22.3R2-S2, 22.3R3, * 22.4 versiones anteriores a 22.4R2-S1, 22.4R3."}], "id": "CVE-2024-30388", "lastModified": "2024-11-21T09:11:49.483", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-04-12T16:15:38.093", "references": [{"source": "sirt@juniper.net", "url": "http://supportportal.juniper.net/JSA79089"}, {"source": "sirt@juniper.net", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://supportportal.juniper.net/JSA79089"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-653"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}

{"created": "2025-07-12T23:06:39.969515+00:00", "updated": "2025-07-12T23:06:39.969618+00:00", "vendors": ["juniper_networks", "juniper_networks$PRODUCT$junos_os"]}