nvd-json-data-feeds/CVE-2024/CVE-2024-304xx/CVE-2024-30402.json

{
  "id": "CVE-2024-30402",
  "sourceIdentifier": "sirt@juniper.net",
  "published": "2024-04-12T16:15:39.930",
  "lastModified": "2024-04-12T16:15:39.930",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon\u00a0(l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nWhen telemetry requests are sent to the device,\u00a0and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attackers control. Repeated occurrences of these events causes a sustained DoS condition.\n\n\nThis issue affects:\nJunos OS:\nAll versions earlier than\u00a020.4R3-S10;\n21.2 versions earlier than\u00a021.2R3-S7;\n21.4 versions earlier than\u00a021.4R3-S5;\n22.1 versions earlier than\u00a022.1R3-S4;\n22.2 versions earlier than\u00a022.2R3-S3;\n22.3 versions earlier than\u00a022.3R3-S1;\n22.4 versions earlier than\u00a022.4R3;\n23.2 versions earlier than\u00a023.2R1-S2, 23.2R2.\n\nJunos OS Evolved:\n\nAll versions earlier than\u00a021.4R3-S5-EVO;\n22.1-EVO versions earlier than\u00a022.1R3-S4-EVO;\n22.2-EVO versions earlier than\u00a022.2R3-S3-EVO;\n22.3-EVO versions earlier than\u00a022.3R3-S1-EVO;\n22.4-EVO versions earlier than\u00a022.4R3-EVO;\n23.2-EVO versions earlier than\u00a023.2R2-EVO.\n\n"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "sirt@juniper.net",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "sirt@juniper.net",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://supportportal.juniper.net/JSA79180",
      "source": "sirt@juniper.net"
    },
    {
      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "source": "sirt@juniper.net"
    }
  ]
}
Auto-Update: 2024-04-12T18:01:15.416624+00:00 2024-04-12 18:04:07 +00:00			`{`
			`"id": "CVE-2024-30402",`
			`"sourceIdentifier": "sirt@juniper.net",`
			`"published": "2024-04-12T16:15:39.930",`
			`"lastModified": "2024-04-12T16:15:39.930",`
			`"vulnStatus": "Received",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon\u00a0(l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nWhen telemetry requests are sent to the device,\u00a0and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attackers control. Repeated occurrences of these events causes a sustained DoS condition.\n\n\nThis issue affects:\nJunos OS:\nAll versions earlier than\u00a020.4R3-S10;\n21.2 versions earlier than\u00a021.2R3-S7;\n21.4 versions earlier than\u00a021.4R3-S5;\n22.1 versions earlier than\u00a022.1R3-S4;\n22.2 versions earlier than\u00a022.2R3-S3;\n22.3 versions earlier than\u00a022.3R3-S1;\n22.4 versions earlier than\u00a022.4R3;\n23.2 versions earlier than\u00a023.2R1-S2, 23.2R2.\n\nJunos OS Evolved:\n\nAll versions earlier than\u00a021.4R3-S5-EVO;\n22.1-EVO versions earlier than\u00a022.1R3-S4-EVO;\n22.2-EVO versions earlier than\u00a022.2R3-S3-EVO;\n22.3-EVO versions earlier than\u00a022.3R3-S1-EVO;\n22.4-EVO versions earlier than\u00a022.4R3-EVO;\n23.2-EVO versions earlier than\u00a023.2R2-EVO.\n\n"
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "sirt@juniper.net",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "HIGH",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 5.9,`
			`"baseSeverity": "MEDIUM"`
			`},`
			`"exploitabilityScore": 2.2,`
			`"impactScore": 3.6`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "sirt@juniper.net",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-754"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://supportportal.juniper.net/JSA79180",`
			`"source": "sirt@juniper.net"`
			`},`
			`{`
			`"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",`
			`"source": "sirt@juniper.net"`
			`}`
			`]`
			`}`