Unknown
CVE-2024-30382
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2024-30382
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS).
This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below).
This issue affects:
Junos OS:
- all versions before 20.4R3-S10,
- from 21.2 before 21.2R3-S8,
- from 21.3 before 21.3R3,
- from 21.4 before 21.4R3,
- from 22.1 before 22.1R2;
Junos OS Evolved:
- all versions before 21.2R3-S8-EVO,
- from 21.3 before 21.3R3-EVO,
- from 21.4 before 21.4R3-EVO,
- from 22.1 before 22.1R2-EVO.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
- Juniper Networks
Products
- Junos OS,
- Junos OS Evolved
References
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
