mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
170 lines
7.6 KiB
JSON
170 lines
7.6 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-39559",
|
|
"ASSIGNER": "sirt@juniper.net",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS Evolved may allow a network-based unauthenticated attacker to crash the device (vmcore) by sending a specific TCP packet over an established TCP session with MD5 authentication enabled, destined to an accessible port on the device, resulting in a Denial of Service (DoS).\u00a0 The receipt of this packet must occur within a specific timing window outside the attacker's control (i.e., race condition).\n\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue only affects\u00a0dual RE systems with Nonstop Active Routing (NSR) enabled.\nExploitation can only occur over TCP sessions with MD5 authentication enabled (e.g., BGP with MD5 authentication).\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S8-EVO, \n * from 21.4-EVO before 21.4R3-S6-EVO, \n * from 22.1-EVO before 22.1R3-S4-EVO, \n * from 22.2-EVO before 22.2R3-S4-EVO, \n * from 22.3-EVO before 22.3R3-S3-EVO, \n * from 22.4-EVO before 22.4R2-S2-EVO, 22.4R3-EVO."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
|
|
"cweId": "CWE-754"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Juniper Networks",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Junos OS Evolved",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "0",
|
|
"version_value": "21.2R3-S8-EVO"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "21.4-EVO",
|
|
"version_value": "21.4R3-S6-EVO"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "22.1-EVO",
|
|
"version_value": "22.1R3-S4-EVO"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "22.2-EVO",
|
|
"version_value": "22.2R3-S4-EVO"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "22.3-EVO",
|
|
"version_value": "22.3R3-S3-EVO"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "22.4-EVO",
|
|
"version_value": "22.4R2-S2-EVO, 22.4R3-EVO"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://supportportal.juniper.net/JSA83019",
|
|
"refsource": "MISC",
|
|
"name": "https://supportportal.juniper.net/JSA83019"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"advisory": "JSA83019",
|
|
"defect": [
|
|
"1723268"
|
|
],
|
|
"discovery": "INTERNAL"
|
|
},
|
|
"configuration": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "An example of a system with NSR enabled is shown below:<br><br><tt>[ routing-options nonstop-routing ]</tt><br><br>\n\nMD5 authentication is enabled for BGP using the following configuration option:<br><br><tt>[ protocols bgp ... authentication-key <password> ]</tt>"
|
|
}
|
|
],
|
|
"value": "An example of a system with NSR enabled is shown below:\n\n[ routing-options\u00a0nonstop-routing ]\n\n\n\nMD5 authentication is enabled for BGP using the following configuration option:\n\n[ protocols bgp ... authentication-key <password> ]"
|
|
}
|
|
],
|
|
"work_around": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "There are no known workarounds for this issue."
|
|
}
|
|
],
|
|
"value": "There are no known workarounds for this issue."
|
|
}
|
|
],
|
|
"exploit": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
|
|
}
|
|
],
|
|
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
|
|
}
|
|
],
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases."
|
|
}
|
|
],
|
|
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases."
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 5.9,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |