Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentJuniperVULNRICHMENT:CVE-2024-30395
HistoryApr 12, 2024 - 3:07 p.m.

CVE-2024-30395 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

2024-04-1215:07:20
CWE-1287
juniper
github.com
3
cve-2024-30395
junos os
junos os evolved
bgp
tunnel encapsulation
vulnerability
rpd
dos
network-based attacker
improper validation
junos os versions
junos os evolved versions
jsa75739

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS4

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:L

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).

If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart.
This issue affects:

Junos OS:

  • all versions before 21.2R3-S7,

  • from 21.3 before 21.3R3-S5,

  • from 21.4 before 21.4R3-S5,

  • from 22.1 before 22.1R3-S5,

  • from 22.2 before 22.2R3-S3,

  • from 22.3 before 22.3R3-S2,

  • from 22.4 before 22.4R3,

  • from 23.2 before 23.2R1-S2, 23.2R2.

Junos OS Evolved:

  • all versions before 21.2R3-S7-EVO,

  • from 21.3-EVO before 21.3R3-S5-EVO,

  • from 21.4-EVO before 21.4R3-S5-EVO,

  • from 22.2-EVO before 22.2R3-S3-EVO,

  • from 22.3-EVO before 22.3R3-S2-EVO,

  • from 22.4-EVO before 22.4R3-EVO,

  • from 23.2-EVO before 23.2R1-S2-EVO, 23.2R2-EVO.

This is a related but separate issue than the one described in JSA75739

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "21.3",
        "lessThan": "21.3r3-s5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "21.4",
        "lessThan": "21.4r3-s5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "22.2",
        "lessThan": "22.2.r3-s3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "22.3",
        "lessThan": "22.3r3-s2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "22.4",
        "lessThan": "22.4r3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "23.2",
        "lessThan": "23.r1-s2",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "23.2",
        "lessThan": "23.2r2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "cpes": [
      "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"
    ],
    "vendor": "juniper",
    "product": "junos_os_evolved",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "21.2r3-s7",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

cve 1
cvelist 1
nessus 1
nvd 1
cve
cve
CVE-2024-30395
2024-04-12 15:15:24
cvelist
cvelist
CVE-2024-30395 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash
2024-04-12 15:07:20
nessus
nessus
Juniper Junos OS Vulnerability (JSA79095)
2024-06-07 00:00:00
nvd
nvd
CVE-2024-30395
2024-04-12 15:15:24

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS4

8.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:L

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-30395
cve1cvelist1nessus1nvd1