Description

A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a  Denial-of-Service (DoS).When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of the affected FPC until it is manually recovered. This issue affects Junos OS Evolved on ACX7000 Series: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO,  * 22.4-EVO versions before 22.4R3-S2-EVO,  * 23.2-EVO versions before 23.2R2-EVO,  * 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO.

INFO

Published Date :

2024-07-11T16:14:51.304Z

Last Modified :

2024-08-02T04:26:15.171Z

Source :

juniper
AFFECTED PRODUCTS

The following products are affected by CVE-2024-39538 vulnerability.

Vendors Products
Juniper
  • Acx7020
  • Acx7024
  • Acx7024x
  • Acx7100
  • Acx7300
  • Acx7509
  • Junos Os Evolved
Juniper Networks
  • Junos Os Evolved
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-39538.

URL Resource
https://supportportal.juniper.net/JSA82998 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact