admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-09 20:00:45 +00:00
parent b21ddfe686
commit ee0cc90a87
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 720 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
2025/30xxx/CVE-2025-30649.json
View File

@ -1,17 +1,164 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30649",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@juniper.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation vulnerability in the\u00a0syslog stream TCP transport\u00a0of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service (DoS) to the MX-SPC3 SPUs.\n\nContinued receipt and processing of these specific packets will sustain the DoS condition.\n\nThis issue affects Junos OS: * All versions before 22.2R3-S6,\n * from 22.4 before 22.4R3-S4,\n * from 23.2 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S4,\n * from 24.2 before 24.2R1-S2, 24.2R2\n\n\nAn indicator of compromise will indicate the SPC3 SPUs utilization has spiked.\n\n\nFor example:\u00a0\n\u00a0 \u00a0user@device> show services service-sets summary\n Service sets CPU\n Interface configured Bytes used Session bytes used Policy bytes used utilization\n \"interface\" 1 \"bytes\" (percent%) \"sessions\" (\"percent\"%) \"bytes\" (\"percent\"%) 99.97 % OVLD <<<<<< look for high CPU usage"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper Networks",
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "22.2R3-S6"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S4"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2-S3"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2-S4"
},
{
"version_affected": "<",
"version_name": "24.2",
"version_value": "24.2R1-S2, 24.2R2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://supportportal.juniper.net/JSA96459",
"refsource": "MISC",
"name": "https://supportportal.juniper.net/JSA96459"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "JSA96459",
"defect": [
"1823932"
],
"discovery": "USER"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>&nbsp; [services service-set \"service-set-name\" syslog stream \"stream-name\" host \"syslog-server-ip-address-or-hostname\"]<br>&nbsp; [services service-set \"service-set-name\" syslog stream \"stream-name\" host port \"syslog-server-port\"]<br><span style=\"background-color: var(--wht);\">&nbsp; [services service-set \"service-set-name\" syslog stream \"stream-name\" transport protocol tcp]<br></span><span style=\"background-color: var(--wht);\">&nbsp; [services service-set \"service-set-name\" syslog stream \"stream-name\" source-address \"syslog-collector-ip-address\"]</span><br></p>"
}
],
"value": "[services service-set \"service-set-name\" syslog stream \"stream-name\" host \"syslog-server-ip-address-or-hostname\"]\n\u00a0 [services service-set \"service-set-name\" syslog stream \"stream-name\" host port \"syslog-server-port\"]\n\u00a0 [services service-set \"service-set-name\" syslog stream \"stream-name\" transport protocol tcp]\n\u00a0 [services service-set \"service-set-name\" syslog stream \"stream-name\" source-address \"syslog-collector-ip-address\"]"
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 22.2R3-S6, 22.4R3-S4, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.<br>"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 22.2R3-S6, 22.4R3-S4, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

197
2025/30xxx/CVE-2025-30651.json
View File

@ -1,17 +1,206 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@juniper.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\nWhen an attacker sends a specific ICMPv6 packet to an interface with \"protocols router-advertisement\" configured, rpd crashes and restarts. Continued receipt of this packet will cause a sustained DoS condition.\u00a0\n\n\n\n\nThis issue only affects systems configured with IPv6.\n\n\n\nThis issue affects Junos OS:\u00a0\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S10, \n * from 22.2 before 22.2R3-S6, \n * from 22.4 before 22.4R3-S4, \n * from 23.2 before 23.2R2-S2, \n * from 23.4 before 23.4R2; \n\n\n\nand Junos OS Evolved: \n * All versions before 21.2R3-S9-EVO, \n * from 21.4-EVO before 21.4R3-S10-EVO, \n * from 22.2-EVO before 22.2R3-S6-EVO, \n * from 22.4-EVO before 22.4R3-S4-EVO, \n * from 23.2-EVO before 23.2R2-S2-EVO, \n * from 23.4-EVO before 23.4R2-EVO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-805 Buffer Access with Incorrect Length Value",
"cweId": "CWE-805"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper Networks",
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.2R3-S9"
},
{
"version_affected": "<",
"version_name": "21.4",
"version_value": "21.4R3-S10"
},
{
"version_affected": "<",
"version_name": "22.2",
"version_value": "22.2R3-S6"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S4"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2-S2"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.2R3-S9-EVO"
},
{
"version_affected": "<",
"version_name": "21.4-EVO",
"version_value": "21.4R3-S10-EVO"
},
{
"version_affected": "<",
"version_name": "22.2-EVO",
"version_value": "22.2R3-S6-EVO"
},
{
"version_affected": "<",
"version_name": "22.4-EVO",
"version_value": "22.4R3-S4-EVO"
},
{
"version_affected": "<",
"version_name": "23.2-EVO",
"version_value": "23.2R2-S2-EVO"
},
{
"version_affected": "<",
"version_name": "23.4-EVO",
"version_value": "23.4R2-EVO"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://supportportal.juniper.net/JSA96461",
"refsource": "MISC",
"name": "https://supportportal.juniper.net/JSA96461"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "JSA96461",
"defect": [
"1809088"
],
"discovery": "INTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following configuration is required to be affected by this issue:<br><br><tt>[ protocols router-advertisement interface &lt;interface-name&gt; ]<br></tt><code>[ interfaces &lt;interface-name&gt; unit &lt;unit&gt; family inet6 address &lt;ipv6-addr&gt; ]</code><br>"
}
],
"value": "The following configuration is required to be affected by this issue:\n\n[ protocols router-advertisement interface <interface-name> ]\n[ interfaces <interface-name> unit <unit> family inet6 address <ipv6-addr> ]"
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.<br><br>A firewall filter can be implemented to restrict ICMPv6 traffic."
}
],
"value": "There are no known workarounds for this issue.\n\nA firewall filter can be implemented to restrict ICMPv6 traffic."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:&nbsp;<br>Junos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S4, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases.<br>Junos OS Evolved:&nbsp;21.2R3-S9-EVO, 21.4R3-S10-EVO, 22.2R3-S6-EVO, 22.4R3-S4-EVO, 23.2R2-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\u00a0\nJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S4, 23.2R2-S2, 23.4R2, 24.2R1, and all subsequent releases.\nJunos OS Evolved:\u00a021.2R3-S9-EVO, 21.4R3-S10-EVO, 22.2R3-S6-EVO, 22.4R3-S4-EVO, 23.2R2-S2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

207
2025/30xxx/CVE-2025-30652.json
View File

@ -1,17 +1,216 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30652",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@juniper.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI command to cause a Denial of Service (DoS).\n\nWhen\u00a0asregex-optimized is configured and a specific \"show route as-path\"\u00a0CLI command is executed, the rpd crashes and restarts. Repeated execution of this command will cause a sustained DoS condition.\nThis issue affects Junos OS: \n\n\n * All versions before 21.2R3-S9, \n * from 21.4 before 21.4R3-S10, \n * from 22.2 before 22.2R3-S6, \n * from 22.4 before 22.4R3-S6, \n * from 23.2 before 23.2R2-S3, \n * from 23.4 before 23.4R2-S4, \n * from 24.2 before 24.2R2.\n\n\n\nand Junos OS Evolved: \n * All versions before 21.2R3-S9-EVO, \n * from 21.4-EVO before 21.4R3-S10-EVO, \n * from 22.2-EVO before 22.2R3-S6-EVO, \n * from 22.4-EVO before 22.4R3-S6-EVO, \n * from 23.2-EVO before 23.2R2-S3-EVO, \n * from 23.4-EVO before 23.4R2-S4-EVO, \n * from 24.2-EVO before 24.2R2-EVO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions",
"cweId": "CWE-755"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper Networks",
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.2R3-S9"
},
{
"version_affected": "<",
"version_name": "21.4",
"version_value": "21.4R3-S10"
},
{
"version_affected": "<",
"version_name": "22.2",
"version_value": "22.2R3-S6"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S6"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2-S3"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2-S4"
},
{
"version_affected": "<",
"version_name": "24.2",
"version_value": "24.2R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "21.2R3-S9-EVO"
},
{
"version_affected": "<",
"version_name": "21.4-EVO",
"version_value": "21.4R3-S10-EVO"
},
{
"version_affected": "<",
"version_name": "22.2-EVO",
"version_value": "22.2R3-S6-EVO"
},
{
"version_affected": "<",
"version_name": "22.4-EVO",
"version_value": "22.4R3-S6-EVO"
},
{
"version_affected": "<",
"version_name": "23.2-EVO",
"version_value": "23.2R2-S3-EVO"
},
{
"version_affected": "<",
"version_name": "23.4-EVO",
"version_value": "23.4R2-S4-EVO"
},
{
"version_affected": "<",
"version_name": "24.2-EVO",
"version_value": "24.2R2-EVO"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://supportportal.juniper.net/JSA96462",
"refsource": "MISC",
"name": "https://supportportal.juniper.net/JSA96462"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "JSA96462",
"defect": [
"1848929"
],
"discovery": "USER"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Required configuration for exposure:<br><tt>[ edit policy-options defaults ]<br></tt><tt>[&nbsp;asregex-optimize optimize ]</tt><br>"
}
],
"value": "Required configuration for exposure:\n[ edit policy-options defaults ]\n[\u00a0asregex-optimize optimize ]"
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.<br><br>Utilize CLI authorization to disallow execution of the 'show route as-path' command.<br><br>"
}
],
"value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\n\nUtilize CLI authorization to disallow execution of the 'show route as-path' command."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:<br>Junos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.<br>Junos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S10-EVO, 22.2R3-S6-EVO, 22.4R3-S6-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases.<br><br>"
}
],
"value": "The following software releases have been updated to resolve this specific issue:\nJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.\nJunos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S10-EVO, 22.2R3-S6-EVO, 22.4R3-S6-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

177
2025/30xxx/CVE-2025-30653.json
View File

@ -1,17 +1,186 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-30653",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "sirt@juniper.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * All versions before 22.2R3-S4,\n\n * 22.4 versions before 22.4R3-S2,\n\n * 23.2 versions before 23.2R2,\n\n * 23.4 versions before 23.4R2.\n\n\n\n\n\nJunos OS Evolved:\n\n\n\n * All versions before 22.2R3-S4-EVO,\n\n * 22.4-EVO versions before 22.4R3-S2-EVO,\n\n * 23.2-EVO versions before 23.2R2-EVO,\n\n * 23.4-EVO versions before 23.4R2-EVO."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-825 Expired Pointer Dereference",
"cweId": "CWE-825"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper Networks",
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "22.2R3-S4"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R3-S2"
},
{
"version_affected": "<",
"version_name": "23.2",
"version_value": "23.2R2"
},
{
"version_affected": "<",
"version_name": "23.4",
"version_value": "23.4R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "22.2R3-S4-EVO"
},
{
"version_affected": "<",
"version_name": "22.4-EVO",
"version_value": "22.4R3-S2-EVO"
},
{
"version_affected": "<",
"version_name": "23.2-EVO",
"version_value": "23.2R2-EVO"
},
{
"version_affected": "<",
"version_name": "23.4-EVO",
"version_value": "23.4R2-EVO"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://supportportal.juniper.net/JSA96463",
"refsource": "MISC",
"name": "https://supportportal.juniper.net/JSA96463"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "JSA96463",
"defect": [
"1788445"
],
"discovery": "USER"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>For this issue to occur, MPLS LSP needs to be configured with node-link-protection and transport-class. The tunnel\nneeds to be configured with both primary (strict hops) and secondary (partially strict hops) paths.<br><br>[ protocols mpls label-switched-path tunnel-&lt;name&gt; node-link-protection ]<br>[ protocols mpls label-switched-path tunnel-&lt;name&gt; adaptive ]<br>[ protocols mpls label-switched-path tunnel-&lt;name&gt;&nbsp;primary &lt;route1_name&gt; ]<br>[ protocols mpls label-switched-path tunnel-&lt;name&gt; secondary &lt;route2_name&gt; ]<br>[ protocols mpls label-switched-path tunnel-&lt;name&gt; transport-class &lt;name&gt; ]</p>"
}
],
"value": "For this issue to occur, MPLS LSP needs to be configured with node-link-protection and transport-class. The tunnel\nneeds to be configured with both primary (strict hops) and secondary (partially strict hops) paths.\n\n[ protocols mpls label-switched-path tunnel-<name> node-link-protection ]\n[ protocols mpls label-switched-path tunnel-<name> adaptive ]\n[ protocols mpls label-switched-path tunnel-<name>\u00a0primary <route1_name> ]\n[ protocols mpls label-switched-path tunnel-<name> secondary <route2_name> ]\n[ protocols mpls label-switched-path tunnel-<name> transport-class <name> ]"
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:<br><br>Junos OS:&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">22.2R3-S4, 22.4R3-S2, 23.2R2, 23.4R2, 24.2R1,&nbsp;and all subsequent releases.<br></span><br>Junos OS Evolved: 22.2R3-S4-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS:\u00a022.2R3-S4, 22.4R3-S2, 23.2R2, 23.4R2, 24.2R1,\u00a0and all subsequent releases.\n\nJunos OS Evolved: 22.2R3-S4-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}