Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec negotiation to trigger an iked crash leading to Denial of Service (DoS). This issue is applicable to all platforms that run iked. This issue affects Junos OS on SRX Series, MX Series with SPC3 and NFX350:  * All versions before 21.2R3-S8,  * from 21.4 before 21.4R3-S7,  * from 22.1 before 22.1R3-S2,  * from 22.2 before 22.2R3-S1,  * from 22.3 before 22.3R2-S1, 22.3R3,  * from 22.4 before 22.4R1-S2, 22.4R2, 22.4R3.

INFO

Published Date :

2024-07-11T16:22:13.915Z

Last Modified :

2024-08-02T04:26:15.979Z

Source :

juniper
AFFECTED PRODUCTS

The following products are affected by CVE-2024-39545 vulnerability.

Vendors Products
Juniper
  • Junos
  • Junos Os
  • Mx-spc3
  • Mx10004
  • Mx10008
  • Mx2008
  • Mx2010
  • Mx2020
  • Mx204
  • Mx240
  • Mx304
  • Mx480
  • Mx960
  • Nfx350
  • Srx1500
  • Srx1600
  • Srx2300
  • Srx300
  • Srx320
  • Srx340
  • Srx345
  • Srx380
  • Srx4100
  • Srx4120
  • Srx4200
  • Srx4300
  • Srx4600
  • Srx4700
  • Srx5400
  • Srx5600
  • Srx5800
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-39545.

URL Resource
https://supportportal.juniper.net/JSA83007 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact