{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39555", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-06-25T15:12:53.247Z", "datePublished": "2024-07-10T22:36:48.706Z", "dateUpdated": "2024-08-02T04:26:15.946Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S8", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "22.2R3-S4", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R3-S3", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R3-S3", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2-S1", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R1-S2, 23.4R2", "status": "affected", "version": "23.4", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S8-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "22.2R3-S4-EVO", "status": "affected", "version": "22.2-EVO", "versionType": "semver"}, {"lessThan": "22.3R3-S3-EVO", "status": "affected", "version": "22.3-EVO", "versionType": "semver"}, {"lessThan": "22.4R3-S3-EVO", "status": "affected", "version": "22.4-EVO", "versionType": "semver"}, {"lessThan": "23.2R2-S1-EVO", "status": "affected", "version": "23.2-EVO", "versionType": "semver"}, {"lessThan": "23.4R1-S2-EVO, 23.4R2-EVO", "status": "affected", "version": "23.4-EVO", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A sample BGP segment routing configuration is shown below:<br><br><tt>[ protocols bgp group &lt;name&gt; family inet segment-routing-te ] (IPv4)<br>\n\n[ protocols bgp group &lt;name&gt; family inet6 segment-routing-te ] (IPv6)<br></tt>"}], "value": "A sample BGP segment routing configuration is shown below:\n\n[ protocols bgp group <name> family inet segment-routing-te ] (IPv4)\n\n\n[ protocols bgp group <name> family inet6 segment-routing-te ] (IPv6)"}], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition.<br><br>Upon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset:<br><br><tt>BGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list)</tt><br><br>Only systems with segment routing enabled are vulnerable to this issue.<br><br>This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session.<br><br><p>This issue affects:</p><p>Junos OS: <br></p><ul><li>All versions before 21.4R3-S8, </li><li>from 22.2 before 22.2R3-S4, </li><li>from 22.3 before 22.3R3-S3, </li><li>from 22.4 before 22.4R3-S3, </li><li>from 23.2 before 23.2R2-S1, </li><li>from 23.4 before 23.4R1-S2, 23.4R2.</li></ul><p>Junos OS Evolved:&nbsp;</p><ul><li>All versions before 21.4R3-S8-EVO, </li><li>from 22.2-EVO before 22.2R3-S4-EVO, </li><li>from 22.3-EVO before 22.3R3-S3-EVO, </li><li>from 22.4-EVO before 22.4R3-S3-EVO, </li><li>from 23.2-EVO before 23.2R2-S1-EVO, </li><li>from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO.</li></ul>"}], "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition.\n\nUpon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset:\n\nBGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list)\n\nOnly systems with segment routing enabled are vulnerable to this issue.\n\nThis issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session.\n\nThis issue affects:\n\nJunos OS: \n\n\n * All versions before 21.4R3-S8, \n * from 22.2 before 22.2R3-S4, \n * from 22.3 before 22.3R3-S3, \n * from 22.4 before 22.4R3-S3, \n * from 23.2 before 23.2R2-S1, \n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2-EVO before 22.2R3-S4-EVO, \n * from 22.3-EVO before 22.3R3-S3-EVO, \n * from 22.4-EVO before 22.4R3-S3-EVO, \n * from 23.2-EVO before 23.2R2-S1-EVO, \n * from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-10T22:37:53.351Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA83015"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br> \n<br>Junos OS: 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.<br>Junos OS Evolved: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.<br>\n\n\n\n<br>"}], "value": "The following software releases have been updated to resolve this specific issue:\n \n\nJunos OS: 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\nJunos OS Evolved: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA83015", "defect": ["1787290"], "discovery": "INTERNAL"}, "title": "Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os", "cpes": ["cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"version": "22.4", "status": "affected", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"version": "23.2", "status": "affected", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R1-S2", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R2", "versionType": "semver"}]}, {"vendor": "juniper", "product": "junos_os_evolved", "cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"version": "22.2-EVO", "status": "affected", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"version": "22.3-EVO", "status": "affected", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"version": "22.4-EVO", "status": "affected", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"version": "23.2-EVO", "status": "affected", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"version": "23.4-EVO", "status": "affected", "lessThan": "23.4R1-S2-EVO", "versionType": "semver"}, {"version": "23.4-EVO", "status": "affected", "lessThan": "23.4R2-EVO", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T14:13:23.572231Z", "id": "CVE-2024-39555", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-12T16:41:46.291Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.946Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA83015"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39555", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T14:13:23.572231Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos_os", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2", "versionType": "semver"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos_os_evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2-EVO", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3-EVO", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4-EVO", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2-EVO", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4-EVO", "lessThan": "23.4R1-S2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4-EVO", "lessThan": "23.4R2-EVO", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T14:38:44.695Z"}}], "cna": {"title": "Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset", "source": {"defect": ["1787290"], "advisory": "JSA83015", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2, 23.4R2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Juniper Networks", "product": "Junos OS Evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2-EVO", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3-EVO", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4-EVO", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2-EVO", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4-EVO", "lessThan": "23.4R1-S2-EVO, 23.4R2-EVO", "versionType": "semver"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue:\n \n\nJunos OS: 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\nJunos OS Evolved: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br> \n<br>Junos OS: 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.<br>Junos OS Evolved: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.<br>\n\n\n\n<br>", "base64": false}]}], "datePublic": "2024-07-10T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA83015", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition.\n\nUpon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset:\n\nBGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list)\n\nOnly systems with segment routing enabled are vulnerable to this issue.\n\nThis issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session.\n\nThis issue affects:\n\nJunos OS: \n\n\n * All versions before 21.4R3-S8, \n * from 22.2 before 22.2R3-S4, \n * from 22.3 before 22.3R3-S3, \n * from 22.4 before 22.4R3-S3, \n * from 23.2 before 23.2R2-S1, \n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2-EVO before 22.2R3-S4-EVO, \n * from 22.3-EVO before 22.3R3-S3-EVO, \n * from 22.4-EVO before 22.4R3-S3-EVO, \n * from 23.2-EVO before 23.2R2-S1-EVO, \n * from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO.", "supportingMedia": [{"type": "text/html", "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition.<br><br>Upon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset:<br><br><tt>BGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list)</tt><br><br>Only systems with segment routing enabled are vulnerable to this issue.<br><br>This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session.<br><br><p>This issue affects:</p><p>Junos OS: <br></p><ul><li>All versions before 21.4R3-S8, </li><li>from 22.2 before 22.2R3-S4, </li><li>from 22.3 before 22.3R3-S3, </li><li>from 22.4 before 22.4R3-S3, </li><li>from 23.2 before 23.2R2-S1, </li><li>from 23.4 before 23.4R1-S2, 23.4R2.</li></ul><p>Junos OS Evolved:&nbsp;</p><ul><li>All versions before 21.4R3-S8-EVO, </li><li>from 22.2-EVO before 22.2R3-S4-EVO, </li><li>from 22.3-EVO before 22.3R3-S3-EVO, </li><li>from 22.4-EVO before 22.4R3-S3-EVO, </li><li>from 23.2-EVO before 23.2R2-S1-EVO, </li><li>from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO.</li></ul>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions"}]}], "configurations": [{"lang": "en", "value": "A sample BGP segment routing configuration is shown below:\n\n[ protocols bgp group <name> family inet segment-routing-te ] (IPv4)\n\n\n[ protocols bgp group <name> family inet6 segment-routing-te ] (IPv6)", "supportingMedia": [{"type": "text/html", "value": "A sample BGP segment routing configuration is shown below:<br><br><tt>[ protocols bgp group &lt;name&gt; family inet segment-routing-te ] (IPv4)<br>\n\n[ protocols bgp group &lt;name&gt; family inet6 segment-routing-te ] (IPv6)<br></tt>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-10T22:37:53.351Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39555", "state": "PUBLISHED", "dateUpdated": "2024-07-12T16:41:46.291Z", "dateReserved": "2024-06-25T15:12:53.247Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-07-10T22:36:48.706Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition.\n\nUpon receipt of a BGP update message over an established BGP session containing a specifically malformed tunnel encapsulation attribute, when segment routing is enabled, internal processing of the malformed attributes within the update results in improper parsing of remaining attributes, leading to session reset:\n\nBGP SEND Notification code 3 (Update Message Error) subcode 1 (invalid attribute list)\n\nOnly systems with segment routing enabled are vulnerable to this issue.\n\nThis issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations, and requires a remote attacker to have at least one established BGP session.\n\nThis issue affects:\n\nJunos OS: \n\n\n * All versions before 21.4R3-S8, \n * from 22.2 before 22.2R3-S4, \n * from 22.3 before 22.3R3-S3, \n * from 22.4 before 22.4R3-S3, \n * from 23.2 before 23.2R2-S1, \n * from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\u00a0\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2-EVO before 22.2R3-S4-EVO, \n * from 22.3-EVO before 22.3R3-S3-EVO, \n * from 22.4-EVO before 22.4R3-S3-EVO, \n * from 23.2-EVO before 23.2R2-S1-EVO, \n * from 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el daemon de protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante env\u00ede un mensaje espec\u00edfico de actualizaci\u00f3n de BGP con formato incorrecto para provocar que la sesi\u00f3n se reinicie, lo que resulta en una denegaci\u00f3n de servicio (DoS). La recepci\u00f3n y el procesamiento continuos de estos mensajes de actualizaci\u00f3n de BGP con formato incorrecto crear\u00e1n una condici\u00f3n sostenida de denegaci\u00f3n de servicio (DoS). Al recibir un mensaje de actualizaci\u00f3n de BGP a trav\u00e9s de una sesi\u00f3n BGP establecida que contiene un atributo de encapsulaci\u00f3n de t\u00fanel espec\u00edficamente mal formado, cuando el enrutamiento de segmento est\u00e1 habilitado, el procesamiento interno de los atributos mal formados dentro de la actualizaci\u00f3n da como resultado un an\u00e1lisis inadecuado de los atributos restantes, lo que lleva al restablecimiento de la sesi\u00f3n: BGP SEND C\u00f3digo de notificaci\u00f3n 3 (Error de mensaje de actualizaci\u00f3n) subc\u00f3digo 1 (lista de atributos no v\u00e1lidos) Solo los sistemas con enrutamiento de segmentos habilitado son vulnerables a este problema. Este problema afecta a eBGP e iBGP, tanto en implementaciones IPv4 como IPv6, y requiere que un atacante remoto tenga al menos una sesi\u00f3n BGP establecida. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.4R3-8, * desde 22.2 anterior a 22.2R3-S4, * desde 22.3 anterior a 22.3R3-S3, * desde 22.4 anterior a 22.4R3-S3, * desde 23.2 anterior a 23.2R2- S1, * de 23.4 antes de 23.4R1-S2, 23.4R2. Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S8-EVO, * desde 22.2-EVO antes de 22.2R3-S4-EVO, * desde 22.3-EVO antes de 22.3R3-S3-EVO, * desde 22.4-EVO antes de 22.4R3- S3-EVO, *de 23.2-EVO antes de 23.2R2-S1-EVO, *de 23.4-EVO antes de 23.4R1-S2-EVO, 23.4R2-EVO."}], "id": "CVE-2024-39555", "lastModified": "2024-07-11T13:05:54.930", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "AUTOMATIC", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-07-10T23:15:11.863", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA83015"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}