CVE-2024-39541

Published: Jul 11, 2024Modified: Jan 23, 2026

7.1

Vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: sirt@juniper.net (Secondary)

Description

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: * 22.4 versions before 22.4R3-S1, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R1-S1, 23.4R2, This issue does not affect Junos OS versions earlier than 22.4R1. Junos OS Evolved: * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO, This issue does not affect Junos OS Evolved versions earlier than before 22.4R1.

Affected (31)

Products: Juniper: Junos, Junos Os Evolved

Juniper

2 products

Junos

Junos Os Evolved

Configuration A

31 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 22.4
Juniper Junos	Version 22.4 r1-s1
Juniper Junos	Version 22.4 r1-s2
Juniper Junos	Version 22.4 r1
Juniper Junos	Version 22.4 r2-s1
Juniper Junos	Version 22.4 r2-s2
Juniper Junos	Version 22.4 r2
Juniper Junos	Version 22.4 r3
Juniper Junos	Version 23.2
Juniper Junos	Version 23.2 r1-s1
Juniper Junos	Version 23.2 r1-s2
Juniper Junos	Version 23.2 r1
Juniper Junos	Version 23.4
Juniper Junos	Version 23.4 r1
Juniper Junos	Version 23.4 r2
Juniper Junos Os Evolved	Version 22.4
Juniper Junos Os Evolved	Version 22.4 r1-s1
Juniper Junos Os Evolved	Version 22.4 r1-s2
Juniper Junos Os Evolved	Version 22.4 r1
Juniper Junos Os Evolved	Version 22.4 r2-s1
Juniper Junos Os Evolved	Version 22.4 r2-s2
Juniper Junos Os Evolved	Version 22.4 r2
Juniper Junos Os Evolved	Version 22.4 r3-s1
Juniper Junos Os Evolved	Version 22.4 r3
Juniper Junos Os Evolved	Version 23.2
Juniper Junos Os Evolved	Version 23.2 r1-s1
Juniper Junos Os Evolved	Version 23.2 r1-s2
Juniper Junos Os Evolved	Version 23.2 r1
Juniper Junos Os Evolved	Version 23.4
Juniper Junos Os Evolved	Version 23.4 r1
Juniper Junos Os Evolved	Version 23.4 r2

Related CWEs

CWE-755

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (2)

https://supportportal.juniper.net/JSA83001

Source: sirt@juniper.net

Vendor Advisory

https://supportportal.juniper.net/JSA83001

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.