CVE-2024-39541

HIGH EPSS 24.9%

Published Jul 11, 20241y ago · Modified Jun 17, 20261w ago

7.1 CVSS 4.0

High

Published Jul 11, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: * 22.4 versions before 22.4R3-S1, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R1-S1, 23.4R2, This issue does not affect Junos OS versions earlier than 22.4R1. Junos OS Evolved: * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO, This issue does not affect Junos OS Evolved versions earlier than before 22.4R1.

CVSS Details

Base Score

7.1

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

24.9% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-755

Affected Products 31

Vendor	Product	Version	Range
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	22.4	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.2	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos	23.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	22.4	any
juniper	junos_os_evolved	23.2	any
juniper	junos_os_evolved	23.2	any
juniper	junos_os_evolved	23.2	any
juniper	junos_os_evolved	23.2	any
juniper	junos_os_evolved	23.4	any
juniper	junos_os_evolved	23.4	any
juniper	junos_os_evolved	23.4	any

References 1

supportportal.juniper.net https://supportportal.juniper.net/JSA83001

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.