CVE-2024-39531 - Vulnerability Details

Vendors	Products
Juniper	Junos Os Evolved

Source	ID	Title
EUVD	EUVD-2024-38057	An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). If a value is configured for DDoS bandwidth or burst parameters for any protocol in a queue, all protocols which share the same queue will have their bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased. This issue affects Junos OS Evolved on ACX 7000 Series: * All versions before 21.4R3-S7-EVO, * 22.1 versions before 22.1R3-S6-EVO, * 22.2 versions before 22.2R3-S3-EVO, * 22.3 versions before 22.3R3-S3-EVO, * 22.4 versions before 22.4R3-S2-EVO, * 23.2 versions before 23.2R2-EVO, * 23.4 versions before 23.4R1-S1-EVO, 23.4R2-EVO.

Link	Providers
https://supportportal.juniper.net/JSA82991

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39531", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-06-25T15:12:53.241Z", "datePublished": "2024-07-11T16:04:46.412Z", "dateUpdated": "2024-08-02T04:26:15.878Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["ACX 7000 Series"], "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S7-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "22.1R3-S6-EVO", "status": "affected", "version": "22.1", "versionType": "semver"}, {"lessThan": "22.2R3-S3-EVO", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R3-S3-EVO", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R3-S2-EVO", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2-EVO", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R1-S1-EVO, 23.4R2-EVO", "status": "affected", "version": "23.4", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "To be exposed to this issue noticeably low or high values for a specific protocol have to be configured, which then also effect other protocols: <tt>[ system ddos-protection protocols <protocol> aggregate bandwidth <bandwidth> ] [ system ddos-protection protocols <protocol> aggregate burst <burst> ]</tt>"}], "value": "To be exposed to this issue noticeably low or high values for a specific protocol have to be configured, which then also effect other protocols:\n\n[ system ddos-protection protocols <protocol> aggregate\u00a0bandwidth <bandwidth> ]\n[ system ddos-protection protocols <protocol> aggregate burst <burst> ]"}], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). If a value is configured for DDoS bandwidth or burst parameters for any protocol in\na queue, all protocols which share the same queue will have\ntheir bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased.  This issue affects Junos OS Evolved on ACX 7000 Series:<ul><li>All versions before 21.4R3-S7-EVO,</li><li>22.1 versions before 22.1R3-S6-EVO, </li><li>22.2 versions before 22.2R3-S3-EVO,</li><li>22.3 versions before 22.3R3-S3-EVO, </li><li>22.4 versions before 22.4R3-S2-EVO,</li><li>23.2 versions before 23.2R2-EVO,</li><li>23.4 \n\nversions \n\nbefore 23.4R1-S1-EVO, 23.4R2-EVO.</li></ul>"}], "value": "An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS).\n\nIf a value is configured for DDoS bandwidth or burst parameters for any protocol in\na queue, all protocols which share the same queue will have\ntheir bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased.\u00a0\n\n\n\n\nThis issue affects Junos OS Evolved on ACX 7000 Series:\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.1 versions before 22.1R3-S6-EVO,\u00a0\n * 22.2 versions before 22.2R3-S3-EVO,\n * 22.3 versions before 22.3R3-S3-EVO,\u00a0\n * 22.4 versions before 22.4R3-S2-EVO,\n * 23.2 versions before 23.2R2-EVO,\n * 23.4 \n\nversions \n\nbefore 23.4R1-S1-EVO, 23.4R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-229", "description": "CWE-229: Improper Handling of Values", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-11T16:04:46.412Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA82991"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-S3-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-S3-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA82991", "defect": ["1784343"], "discovery": "USER"}, "title": "Junos OS Evolved: ACX 7000 Series: Protocol specific DDoS configuration affects other protocols", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os_evolved", "cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "21.4R3-S7-EVO", "versionType": "semver"}, {"version": "22.1", "status": "affected", "lessThan": "22.1R3-S6-EVO", "versionType": "semver"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R3-S3-EVO", "versionType": "semver"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"version": "22.4", "status": "affected", "lessThan": "22.4R3-S2-EVO", "versionType": "semver"}, {"version": "23.2", "status": "affected", "lessThan": "23.2R2-EVO", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R1-S1-EVO", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R2-EVO", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T17:21:25.492198Z", "id": "CVE-2024-39531", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T16:37:26.269Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.878Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA82991"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39531", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T17:21:25.492198Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos_os_evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S7-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.1", "lessThan": "22.1R3-S6-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S1-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2-EVO", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T17:42:23.031Z"}}], "cna": {"title": "Junos OS Evolved: ACX 7000 Series: Protocol specific DDoS configuration affects other protocols", "source": {"defect": ["1784343"], "advisory": "JSA82991", "discovery": "USER"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS Evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S7-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.1", "lessThan": "22.1R3-S6-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S1-EVO, 23.4R2-EVO", "versionType": "semver"}], "platforms": ["ACX 7000 Series"], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-S3-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-S3-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.", "base64": false}]}], "datePublic": "2024-07-10T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA82991", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS).\n\nIf a value is configured for DDoS bandwidth or burst parameters for any protocol in\na queue, all protocols which share the same queue will have\ntheir bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased.\u00a0\n\n\n\n\nThis issue affects Junos OS Evolved on ACX 7000 Series:\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.1 versions before 22.1R3-S6-EVO,\u00a0\n * 22.2 versions before 22.2R3-S3-EVO,\n * 22.3 versions before 22.3R3-S3-EVO,\u00a0\n * 22.4 versions before 22.4R3-S2-EVO,\n * 23.2 versions before 23.2R2-EVO,\n * 23.4 \n\nversions \n\nbefore 23.4R1-S1-EVO, 23.4R2-EVO.", "supportingMedia": [{"type": "text/html", "value": "An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). If a value is configured for DDoS bandwidth or burst parameters for any protocol in\na queue, all protocols which share the same queue will have\ntheir bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased.  This issue affects Junos OS Evolved on ACX 7000 Series:<ul><li>All versions before 21.4R3-S7-EVO,</li><li>22.1 versions before 22.1R3-S6-EVO, </li><li>22.2 versions before 22.2R3-S3-EVO,</li><li>22.3 versions before 22.3R3-S3-EVO, </li><li>22.4 versions before 22.4R3-S2-EVO,</li><li>23.2 versions before 23.2R2-EVO,</li><li>23.4 \n\nversions \n\nbefore 23.4R1-S1-EVO, 23.4R2-EVO.</li></ul>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-229", "description": "CWE-229: Improper Handling of Values"}]}], "configurations": [{"lang": "en", "value": "To be exposed to this issue noticeably low or high values for a specific protocol have to be configured, which then also effect other protocols:\n\n[ system ddos-protection protocols <protocol> aggregate\u00a0bandwidth <bandwidth> ]\n[ system ddos-protection protocols <protocol> aggregate burst <burst> ]", "supportingMedia": [{"type": "text/html", "value": "To be exposed to this issue noticeably low or high values for a specific protocol have to be configured, which then also effect other protocols: <tt>[ system ddos-protection protocols <protocol> aggregate bandwidth <bandwidth> ] [ system ddos-protection protocols <protocol> aggregate burst <burst> ]</tt>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-11T16:04:46.412Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39531", "state": "PUBLISHED", "dateUpdated": "2024-07-12T16:37:26.269Z", "dateReserved": "2024-06-25T15:12:53.241Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-07-11T16:04:46.412Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS).\n\nIf a value is configured for DDoS bandwidth or burst parameters for any protocol in\na queue, all protocols which share the same queue will have\ntheir bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be limited to this value. So inadvertently either the control plane is open for a high level of specific traffic which was supposed to be limited to a lower value, or the limit for a certain protocol is so low that chances to succeed with a volumetric DoS attack are significantly increased.\u00a0\n\n\n\n\nThis issue affects Junos OS Evolved on ACX 7000 Series:\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.1 versions before 22.1R3-S6-EVO,\u00a0\n * 22.2 versions before 22.2R3-S3-EVO,\n * 22.3 versions before 22.3R3-S3-EVO,\u00a0\n * 22.4 versions before 22.4R3-S2-EVO,\n * 23.2 versions before 23.2R2-EVO,\n * 23.4 \n\nversions \n\nbefore 23.4R1-S1-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de manejo inadecuado de valores en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS evolucionado en la serie ACX 7000 permite que un atacante no autenticado basado en red provoque una denegaci\u00f3n de servicio (DoS). Si se configura un valor para el ancho de banda DDoS o los par\u00e1metros de r\u00e1faga para cualquier protocolo en una cola, todos los protocolos que comparten la misma cola cambiar\u00e1n su ancho de banda o valor de r\u00e1faga al nuevo valor. Si, por ejemplo, OSPF estuviera configurado con un determinado valor de ancho de banda, ISIS tambi\u00e9n estar\u00eda limitado a este valor. Entonces, sin darse cuenta, o el plano de control est\u00e1 abierto para un alto nivel de tr\u00e1fico espec\u00edfico que se supon\u00eda estaba limitado a un valor m\u00e1s bajo, o el l\u00edmite para un determinado protocolo es tan bajo que las posibilidades de \u00e9xito con un ataque DoS volum\u00e9trico aumentan significativamente. Este problema afecta a Junos OS Evolved en la serie ACX 7000: * Todas las versiones anteriores a 21.4R3-S7-EVO, * Versiones 22.1 anteriores a 22.1R3-S6-EVO, * Versiones 22.2 anteriores a 22.2R3-S3-EVO, * Versiones 22.3 anteriores a 22.3R3 -S3-EVO, *22.4 versiones anteriores a 22.4R3-S2-EVO, *23.2 versiones anteriores a 23.2R2-EVO, *23.4 versiones anteriores a 23.4R1-S1-EVO, 23.4R2-EVO."}], "id": "CVE-2024-39531", "lastModified": "2024-11-21T09:27:56.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-07-11T17:15:10.150", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA82991"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://supportportal.juniper.net/JSA82991"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-229"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object