CVE-2024-30389 - OpenCVE

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact Low

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
http://supportportal.juniper.net/JSA79185
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-04-12T15:24:09.806Z

Updated: 2024-08-02T01:32:07.280Z

Reserved: 2024-03-26T23:06:17.994Z

Link: CVE-2024-30389

Vulnrichment

Updated: 2024-08-02T01:32:07.280Z

NVD

Status : Awaiting Analysis

Published: 2024-04-12T16:15:38.317

Modified: 2024-05-16T21:16:08.867

Link: CVE-2024-30389

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30389", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-03-26T23:06:17.994Z", "datePublished": "2024-04-12T15:24:09.806Z", "dateUpdated": "2024-08-02T01:32:07.280Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["EX4300 Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S6", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "21.4R1", "status": "unaffected", "version": "21.4", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "To be affected by this issue an output firewall filter has to be configured on a interface like in the following example:<br><br>  [ interfaces <interface> unit <unit> family <family> filter output <filter_name> ]"}], "value": "To be affected by this issue an output firewall filter has to be configured on a interface like in the following example:\n\n\u00a0 [\u00a0interfaces <interface> unit <unit> family <family> filter output <filter_name> ]"}], "datePublic": "2024-04-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.<br><br>When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.<br><p>This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.<br>This issue does not affect Junos OS releases earlier than 21.4R1.</p>"}], "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.\n\nWhen an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.\nThis issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.\nThis issue does not affect Junos OS releases earlier than 21.4R1."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-696", "description": "CWE-696 Incorrect Behavior Order", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T20:20:24.333Z"}, "references": [{"tags": ["vendor-advisory"], "url": "http://supportportal.juniper.net/JSA79185"}, {"tags": ["technical-description"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software release has been updated to resolve this specific issue: 21.4R3-S6, and all subsequent releases of this branch."}], "value": "The following software release has been updated to resolve this specific issue: 21.4R3-S6, and all subsequent releases of this branch."}], "source": {"advisory": "JSA79185", "defect": ["1770410"], "discovery": "USER"}, "title": "Junos OS: EX4300 Series: Firewall filter not blocking egress traffic", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>While there is no known workarounds for this issue, it is possible to recover by deactivating and then activating the filter. But please note that the issue might reoccur after a reboot or pfe restart.</p>"}], "value": "While there is no known workarounds for this issue, it is possible to recover by deactivating and then activating the filter. But please note that the issue might reoccur after a reboot or pfe restart."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos", "cpes": ["cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "21.4", "status": "affected", "lessThan": "21.4r3-s6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-01T18:21:26.443379Z", "id": "CVE-2024-30389", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-01T18:21:30.321Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.280Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "http://supportportal.juniper.net/JSA79185"}, {"tags": ["technical-description", "x_transferred"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://supportportal.juniper.net/JSA79185", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N", "tags": ["technical-description", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.280Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30389", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-01T18:21:26.443379Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos", "versions": [{"status": "affected", "version": "21.4", "lessThan": "21.4r3-s6", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-01T18:21:17.320Z"}}], "cna": {"title": "Junos OS: EX4300 Series: Firewall filter not blocking egress traffic", "source": {"defect": ["1770410"], "advisory": "JSA79185", "discovery": "USER"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "21.4", "lessThan": "21.4R3-S6", "versionType": "semver"}, {"status": "unaffected", "version": "21.4", "lessThan": "21.4R1", "versionType": "semver"}], "platforms": ["EX4300 Series"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software release has been updated to resolve this specific issue: 21.4R3-S6, and all subsequent releases of this branch.", "supportingMedia": [{"type": "text/html", "value": "The following software release has been updated to resolve this specific issue: 21.4R3-S6, and all subsequent releases of this branch.", "base64": false}]}], "datePublic": "2024-04-10T16:00:00.000Z", "references": [{"url": "http://supportportal.juniper.net/JSA79185", "tags": ["vendor-advisory"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N", "tags": ["technical-description"]}], "workarounds": [{"lang": "en", "value": "While there is no known workarounds for this issue, it is possible to recover by deactivating and then activating the filter. But please note that the issue might reoccur after a reboot or pfe restart.", "supportingMedia": [{"type": "text/html", "value": "<p>While there is no known workarounds for this issue, it is possible to recover by deactivating and then activating the filter. But please note that the issue might reoccur after a reboot or pfe restart.</p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.\n\nWhen an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.\nThis issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.\nThis issue does not affect Junos OS releases earlier than 21.4R1.", "supportingMedia": [{"type": "text/html", "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.<br><br>When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.<br><p>This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.<br>This issue does not affect Junos OS releases earlier than 21.4R1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-696", "description": "CWE-696 Incorrect Behavior Order"}]}], "configurations": [{"lang": "en", "value": "To be affected by this issue an output firewall filter has to be configured on a interface like in the following example:\n\n\u00a0 [\u00a0interfaces <interface> unit <unit> family <family> filter output <filter_name> ]", "supportingMedia": [{"type": "text/html", "value": "To be affected by this issue an output firewall filter has to be configured on a interface like in the following example:<br><br>  [ interfaces <interface> unit <unit> family <family> filter output <filter_name> ]", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T20:20:24.333Z"}}}, "cveMetadata": {"cveId": "CVE-2024-30389", "state": "PUBLISHED", "dateUpdated": "2024-08-02T01:32:07.280Z", "dateReserved": "2024-03-26T23:06:17.994Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-04-12T15:24:09.806Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.\n\nWhen an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.\nThis issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.\nThis issue does not affect Junos OS releases earlier than 21.4R1."}, {"lang": "es", "value": "Una vulnerabilidad de orden de comportamiento incorrecto en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS en la serie EX4300 permite que un atacante basado en red no autenticado cause un impacto en la integridad de las redes posteriores al dispositivo vulnerable. Cuando se aplica un filtro de firewall de salida a una interfaz, no reconoce los paquetes coincidentes pero permite cualquier tr\u00e1fico. Este problema afecta a las versiones Junos OS 21.4 desde 21.4R1 anteriores a 21.4R3-S6. Este problema no afecta a las versiones de Junos OS anteriores a la 21.4R1."}], "id": "CVE-2024-30389", "lastModified": "2024-05-16T21:16:08.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-04-12T16:15:38.317", "references": [{"source": "sirt@juniper.net", "url": "http://supportportal.juniper.net/JSA79185"}, {"source": "sirt@juniper.net", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-696"}], "source": "sirt@juniper.net", "type": "Secondary"}]}