CVE-2024-39529

HIGH EPSS 37.6%
Published Jul 11, 2024 (1y ago) · Modified Jun 17, 2026 (2w ago)
8.7 CVSS 4.0
High

Description

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received, this causes a PFE crash and restart, leading to a Denial of Service.

This issue affects Junos OS:

* All versions before 21.4R3-S6,
* 22.2 versions before 22.2R3-S3,
* 22.3 versions before 22.3R3-S3,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R2.

CVSS Details

Base Score
8.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Threat Intelligence

EPSS Exploit Probability
37.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-134

Affected Products 77

Vendor   Product    Version  Range
juniper  junos      *        <21.4
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      21.4     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.2     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.3     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      22.4     any
juniper  junos      23.2     any
juniper  junos      23.2     any
juniper  junos      23.2     any
juniper  junos      23.2     any
juniper  srx100     *        any
juniper  srx110     *        any
juniper  srx1400    *        any
juniper  srx1500    *        any
juniper  srx1600    *        any
juniper  srx210     *        any
juniper  srx220     *        any
juniper  srx2300    *        any
juniper  srx240     *        any
juniper  srx240h2   *        any
juniper  srx240m    *        any
juniper  srx300     *        any
juniper  srx320     *        any
juniper  srx340     *        any
juniper  srx3400    *        any
juniper  srx345     *        any
juniper  srx3600    *        any
juniper  srx380     *        any
juniper  srx4000    *        any
juniper  srx4100    *        any
juniper  srx4200    *        any
juniper  srx4300    *        any
juniper  srx4600    *        any
juniper  srx4700    *        any
juniper  srx5000    *        any
juniper  srx5400    *        any
juniper  srx550     *        any
juniper  srx550_hm  *        any
juniper  srx550m    *        any
juniper  srx5600    *        any
juniper  srx5800    *        any
juniper  srx650     *        any

References 1

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.