{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30401", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-03-26T23:06:19.980Z", "datePublished": "2024-04-12T15:26:58.419Z", "dateUpdated": "2024-08-02T01:32:07.287Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["MX Series", "EX9200-15C"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S1", "status": "affected", "version": "21.2", "versionType": "semver"}, {"lessThan": "21.4R3", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.1R2", "status": "affected", "version": "22.1", "versionType": "semver"}, {"lessThan": "22.2R2", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "20.3R1", "status": "unaffected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "20.4"}]}], "datePublic": "2024-04-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.<br><br>Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.<br><p>This issue affects Junos OS on MX Series and EX9200-15C:<br></p><ul><li>from 21.2 before 21.2R3-S1, </li><li>from 21.4 before 21.4R3, </li><li>from 22.1 before 22.1R2, </li><li>from 22.2 before 22.2R2;&nbsp;</li></ul><p></p><p><span style=\"background-color: var(--darkreader-bg--wht);\">This issue does not affect:</span></p><p></p><ul><li><span style=\"background-color: var(--darkreader-bg--wht);\">versions of Junos OS prior to&nbsp;20.3R1;</span></li><li><span style=\"background-color: var(--darkreader-bg--wht);\">any version of Junos OS 20.4.</span></li></ul>"}], "value": "An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.\n\nThrough code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.\nThis issue affects Junos OS on MX Series and EX9200-15C:\n\n\n * from 21.2 before 21.2R3-S1, \n * from 21.4 before 21.4R3, \n * from 22.1 before 22.1R2, \n * from 22.2 before 22.2R2;\u00a0\n\n\n\n\nThis issue does not affect:\n\n\n\n * versions of Junos OS prior to\u00a020.3R1;\n * any version of Junos OS 20.4."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 8.2, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T18:00:45.272Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA79110"}, {"tags": ["technical-description"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br><br>Junos OS: 21.2R3-S1, 21.4R3, 22.1R2, 22.2R2, 22.3R1, and all subsequent releases.<br><br>"}], "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 21.2R3-S1, 21.4R3, 22.1R2, 22.2R2, 22.3R1, and all subsequent releases."}], "source": {"advisory": "JSA79110", "defect": ["1670609"], "discovery": "INTERNAL"}, "title": "Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>"}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30401", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-12T17:33:00.644134Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:38:24.398Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.287Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA79110"}, {"tags": ["technical-description", "x_transferred"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://supportportal.juniper.net/JSA79110", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "tags": ["technical-description", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:32:07.287Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30401", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-12T17:33:00.644134Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T16:45:23.071Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman", "source": {"defect": ["1670609"], "advisory": "JSA79110", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.2, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "21.2", "lessThan": "21.2R3-S1", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3", "versionType": "semver"}, {"status": "affected", "version": "22.1", "lessThan": "22.1R2", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R2", "versionType": "semver"}, {"status": "unaffected", "version": "0", "lessThan": "20.3R1", "versionType": "semver"}, {"status": "unaffected", "version": "20.4"}], "platforms": ["MX Series", "EX9200-15C"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS: 21.2R3-S1, 21.4R3, 22.1R2, 22.2R2, 22.3R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br><br>Junos OS: 21.2R3-S1, 21.4R3, 22.1R2, 22.2R2, 22.3R1, and all subsequent releases.<br><br>", "base64": false}]}], "datePublic": "2024-04-10T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA79110", "tags": ["vendor-advisory"]}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "tags": ["technical-description"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.\n\nThrough code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.\nThis issue affects Junos OS on MX Series and EX9200-15C:\n\n\n * from 21.2 before 21.2R3-S1, \n * from 21.4 before 21.4R3, \n * from 22.1 before 22.1R2, \n * from 22.2 before 22.2R2;\u00a0\n\n\n\n\nThis issue does not affect:\n\n\n\n * versions of Junos OS prior to\u00a020.3R1;\n * any version of Junos OS 20.4.", "supportingMedia": [{"type": "text/html", "value": "An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.<br><br>Through code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.<br><p>This issue affects Junos OS on MX Series and EX9200-15C:<br></p><ul><li>from 21.2 before 21.2R3-S1, </li><li>from 21.4 before 21.4R3, </li><li>from 22.1 before 22.1R2, </li><li>from 22.2 before 22.2R2;&nbsp;</li></ul><p></p><p><span style=\"background-color: var(--darkreader-bg--wht);\">This issue does not affect:</span></p><p></p><ul><li><span style=\"background-color: var(--darkreader-bg--wht);\">versions of Junos OS prior to&nbsp;20.3R1;</span></li><li><span style=\"background-color: var(--darkreader-bg--wht);\">any version of Junos OS 20.4.</span></li></ul>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}, {"descriptions": [{"lang": "en", "description": "Denial of Service (DoS)"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T18:00:45.272Z"}}}, "cveMetadata": {"cveId": "CVE-2024-30401", "state": "PUBLISHED", "dateUpdated": "2024-08-02T01:32:07.287Z", "dateReserved": "2024-03-26T23:06:19.980Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-04-12T15:26:58.419Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC.\n\nThrough code review, it was determined that the interface definition code for aftman could read beyond a buffer boundary, leading to a stack-based buffer overflow.\nThis issue affects Junos OS on MX Series and EX9200-15C:\n\n\n * from 21.2 before 21.2R3-S1, \n * from 21.4 before 21.4R3, \n * from 22.1 before 22.1R2, \n * from 22.2 before 22.2R2;\u00a0\n\n\n\n\nThis issue does not affect:\n\n\n\n * versions of Junos OS prior to\u00a020.3R1;\n * any version of Junos OS 20.4."}, {"lang": "es", "value": "Una vulnerabilidad de lectura fuera de los l\u00edmites en el proceso avanzado de gesti\u00f3n de reenv\u00edo de Juniper Networks Junos OS en la serie MX con tarjetas de l\u00ednea MPC10E, MPC11, MX10K-LC9600, MX304 y EX9200-15C, puede permitir que un atacante aproveche un desbordamiento del b\u00fafer basado en la pila, lo que provocar\u00e1 un reinicio del FPC. A trav\u00e9s de la revisi\u00f3n del c\u00f3digo, se determin\u00f3 que el c\u00f3digo de definici\u00f3n de interfaz para aftman pod\u00eda leer m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer, lo que provocaba un desbordamiento del b\u00fafer basado en pila. Este problema afecta a Junos OS en la serie MX y EX9200-15C: * desde 21.2 antes de 21.2R3-S1, * desde 21.4 antes de 21.4R3, * desde 22.1 antes de 22.1R2, * desde 22.2 antes de 22.2R2; Este problema no afecta a: * versiones de Junos OS anteriores a 20.3R1; * cualquier versi\u00f3n de Junos OS 20.4."}], "id": "CVE-2024-30401", "lastModified": "2024-11-21T09:11:50.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-04-12T16:15:39.713", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA79110"}, {"source": "sirt@juniper.net", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://supportportal.juniper.net/JSA79110"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}