CVE-2024-39519 - Vulnerability Details

CVE-2024-39519 - Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a

Denial-of-Service (DoS).

On all ACX 7000 Series platforms running

Junos OS Evolved, and configured with IRBs, if a Customer Edge device (CE) device is dual homed to two Provider Edge devices (PE) a traffic loop will occur when the CE sends multicast packets. This issue can be triggered by IPv4 and IPv6 traffic.

This issue affects Junos OS Evolved:

All versions from 22.2R1-EVO and later versions before 22.4R2-EVO,

This issue does not affect Junos OS Evolved versions before 22.1R1-EVO.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00242.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Juniper	Acx7024 Acx7024x Acx7100-32c Acx7100-48l Acx7332 Acx7348 Acx7509 Junos Os Evolved

Configuration 1 [-]

AND

OR	cpe:2.3:o:juniper:junos_os_evolved::::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2::::::

OR	cpe:2.3:h:juniper:acx7024:-:::::::*
	cpe:2.3:h:juniper:acx7024x:-:::::::*
	cpe:2.3:h:juniper:acx7100-32c:-:::::::*
	cpe:2.3:h:juniper:acx7100-48l:-:::::::*
	cpe:2.3:h:juniper:acx7332:-:::::::*
	cpe:2.3:h:juniper:acx7348:-:::::::*
	cpe:2.3:h:juniper:acx7509:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-38045	An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). On all ACX 7000 Series platforms running Junos OS Evolved, and configured with IRBs, if a Customer Edge device (CE) device is dual homed to two Provider Edge devices (PE) a traffic loop will occur when the CE sends multicast packets. This issue can be triggered by IPv4 and IPv6 traffic. This issue affects Junos OS Evolved: All versions from 22.2R1-EVO and later versions before 22.4R2-EVO, This issue does not affect Junos OS Evolved versions before 22.1R1-EVO.

Fixes

Solution

No solution given by the vendor.

Workaround

There are no known workarounds for this issue.

References

Link	Providers
https://supportportal.juniper.net/JSA82983

History

Mon, 23 Sep 2024 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Juniper acx7024 Juniper acx7024x Juniper acx7100-32c Juniper acx7100-48l Juniper acx7332 Juniper acx7348 Juniper acx7509 Juniper junos Os Evolved
CPEs		cpe:2.3:h:juniper:acx7024:-:::::::* cpe:2.3:h:juniper:acx7024x:-:::::::* cpe:2.3:h:juniper:acx7100-32c:-:::::::* cpe:2.3:h:juniper:acx7100-48l:-:::::::* cpe:2.3:h:juniper:acx7332:-:::::::* cpe:2.3:h:juniper:acx7348:-:::::::* cpe:2.3:h:juniper:acx7509:-:::::::* cpe:2.3:o:juniper:junos_os_evolved:::::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
Vendors & Products		Juniper Juniper acx7024 Juniper acx7024x Juniper acx7100-32c Juniper acx7100-48l Juniper acx7332 Juniper acx7348 Juniper acx7509 Juniper junos Os Evolved

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-07-11T15:55:37.087Z

Updated: 2024-08-02T04:26:15.781Z

Reserved: 2024-06-25T15:12:53.239Z

Link: CVE-2024-39519

Vulnrichment

Updated: 2024-07-11T18:57:50.859Z

NVD

Status : Modified

Published: 2024-07-11T16:15:02.717

Modified: 2024-11-21T09:27:54.717

Link: CVE-2024-39519

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object