cve/2024/CVE-2024-30382.md

### [CVE-2024-30382](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30382)
![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS%20Evolved&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%2020.4R3-S10%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%2021.2R3-S8-EVO%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-755%20Improper%20Handling%20of%20Exceptional%20Conditions&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service%20(DoS)&color=brighgreen)

### Description

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS).This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below).This issue affects:Junos OS:   *  all versions before 20.4R3-S10,   *  from 21.2 before 21.2R3-S8,  *  from 21.3 before 21.3R3,   *  from 21.4 before 21.4R3,   *  from 22.1 before 22.1R2;Junos OS Evolved:   *  all versions before 21.2R3-S8-EVO,  *  from 21.3 before 21.3R3-EVO,   *  from 21.4 before 21.4R3-EVO,   *  from 22.1 before 22.1R2-EVO.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds