CVE-2024-39528 - OpenCVE

A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S2, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2. Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S5-EVO, * 22.2-EVO versions before 22.2R3-S3-EVO, * 22.3-EVO versions before 22.3R3-S2-EVO, * 22.4-EVO versions before 22.4R3-EVO, * 23.2-EVO versions before 23.2R2-EVO.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Juniper	Junos Junos Os Evolved

Configuration 1 [-]

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:21.2:-::::::
	cpe:2.3:o:juniper:junos:21.2:r1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r2::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r3::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s5::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s6::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s7::::::

Configuration 2 [-]

OR	cpe:2.3:o:juniper:junos:21.4:-::::::
	cpe:2.3:o:juniper:junos:21.4:r1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r2::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r3::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s4::::::

Configuration 3 [-]

OR	cpe:2.3:o:juniper:junos:22.2:-::::::
	cpe:2.3:o:juniper:junos:22.2:r1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r2::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s2::::::

Configuration 4 [-]

OR	cpe:2.3:o:juniper:junos:22.3:-::::::
	cpe:2.3:o:juniper:junos:22.3:r1::::::
	cpe:2.3:o:juniper:junos:22.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.3:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.3:r2::::::
	cpe:2.3:o:juniper:junos:22.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.3:r3::::::
	cpe:2.3:o:juniper:junos:22.3:r3-s1::::::

Configuration 5 [-]

OR	cpe:2.3:o:juniper:junos:22.4:-::::::
	cpe:2.3:o:juniper:junos:22.4:r1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r2::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s2::::::

Configuration 6 [-]

OR	cpe:2.3:o:juniper:junos:23.2:-::::::
	cpe:2.3:o:juniper:junos:23.2:r1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s2::::::

Configuration 7 [-]

OR	cpe:2.3:o:juniper:junos_os_evolved::::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2::::::

No data.

References

Link	Providers
https://supportportal.juniper.net/JSA82987

History

Mon, 23 Sep 2024 14:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Juniper junos Juniper junos Os Evolved
CPEs		cpe:2.3:o:juniper:junos:::::::: cpe:2.3:o:juniper:junos:21.2:-:::::: cpe:2.3:o:juniper:junos:21.2:r1-s1:::::: cpe:2.3:o:juniper:junos:21.2:r1-s2:::::: cpe:2.3:o:juniper:junos:21.2:r1:::::: cpe:2.3:o:juniper:junos:21.2:r2-s1:::::: cpe:2.3:o:juniper:junos:21.2:r2-s2:::::: cpe:2.3:o:juniper:junos:21.2:r2:::::: cpe:2.3:o:juniper:junos:21.2:r3-s1:::::: cpe:2.3:o:juniper:junos:21.2:r3-s2:::::: cpe:2.3:o:juniper:junos:21.2:r3-s3:::::: cpe:2.3:o:juniper:junos:21.2:r3-s4:::::: cpe:2.3:o:juniper:junos:21.2:r3-s5:::::: cpe:2.3:o:juniper:junos:21.2:r3-s6:::::: cpe:2.3:o:juniper:junos:21.2:r3-s7:::::: cpe:2.3:o:juniper:junos:21.2:r3:::::: cpe:2.3:o:juniper:junos:21.4:-:::::: cpe:2.3:o:juniper:junos:21.4:r1-s1:::::: cpe:2.3:o:juniper:junos:21.4:r1-s2:::::: cpe:2.3:o:juniper:junos:21.4:r1:::::: cpe:2.3:o:juniper:junos:21.4:r2-s1:::::: cpe:2.3:o:juniper:junos:21.4:r2-s2:::::: cpe:2.3:o:juniper:junos:21.4:r2:::::: cpe:2.3:o:juniper:junos:21.4:r3-s1:::::: cpe:2.3:o:juniper:junos:21.4:r3-s2:::::: cpe:2.3:o:juniper:junos:21.4:r3-s3:::::: cpe:2.3:o:juniper:junos:21.4:r3-s4:::::: cpe:2.3:o:juniper:junos:21.4:r3:::::: cpe:2.3:o:juniper:junos:22.2:-:::::: cpe:2.3:o:juniper:junos:22.2:r1-s1:::::: cpe:2.3:o:juniper:junos:22.2:r1-s2:::::: cpe:2.3:o:juniper:junos:22.2:r1:::::: cpe:2.3:o:juniper:junos:22.2:r2-s1:::::: cpe:2.3:o:juniper:junos:22.2:r2-s2:::::: cpe:2.3:o:juniper:junos:22.2:r2:::::: cpe:2.3:o:juniper:junos:22.2:r3-s1:::::: cpe:2.3:o:juniper:junos:22.2:r3-s2:::::: cpe:2.3:o:juniper:junos:22.2:r3:::::: cpe:2.3:o:juniper:junos:22.3:-:::::: cpe:2.3:o:juniper:junos:22.3:r1-s1:::::: cpe:2.3:o:juniper:junos:22.3:r1-s2:::::: cpe:2.3:o:juniper:junos:22.3:r1:::::: cpe:2.3:o:juniper:junos:22.3:r2-s1:::::: cpe:2.3:o:juniper:junos:22.3:r2-s2:::::: cpe:2.3:o:juniper:junos:22.3:r2:::::: cpe:2.3:o:juniper:junos:22.3:r3-s1:::::: cpe:2.3:o:juniper:junos:22.3:r3:::::: cpe:2.3:o:juniper:junos:22.4:-:::::: cpe:2.3:o:juniper:junos:22.4:r1-s1:::::: cpe:2.3:o:juniper:junos:22.4:r1-s2:::::: cpe:2.3:o:juniper:junos:22.4:r1:::::: cpe:2.3:o:juniper:junos:22.4:r2-s1:::::: cpe:2.3:o:juniper:junos:22.4:r2-s2:::::: cpe:2.3:o:juniper:junos:22.4:r2:::::: cpe:2.3:o:juniper:junos:23.2:-:::::: cpe:2.3:o:juniper:junos:23.2:r1-s1:::::: cpe:2.3:o:juniper:junos:23.2:r1-s2:::::: cpe:2.3:o:juniper:junos:23.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:::::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:::::: cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:::::: cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:-:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
Vendors & Products		Juniper Juniper junos Juniper junos Os Evolved

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-07-11T16:02:45.680Z

Updated: 2024-08-02T04:26:15.902Z

Reserved: 2024-06-25T15:12:53.240Z

Link: CVE-2024-39528

Vulnrichment

Updated: 2024-07-11T18:58:30.543Z

NVD

Status : Analyzed

Published: 2024-07-11T16:15:04.113

Modified: 2024-09-23T14:01:41.367

Link: CVE-2024-39528

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object