CVE-2024-30409

EUVD-2024-28330

12.04.2024, 15:15

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of Service. 

This issue affects Juniper Networks

 Junos OS:
  *  from 22.1 before 22.1R1-S2, 22.1R2.


Junos OS Evolved: 
  *  from 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
juniper	CNA	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 25%

Affected Products (NVD)

Vendor	Product	Version
juniper	junos	22.1
juniper	junos	22.1:r1
juniper	junos	22.1:r1-s1
juniper	junos_os_evolved	22.1
juniper	junos_os_evolved	22.1:r1
juniper	junos_os_evolved	22.1:r1-s1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-754 - Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

References

https://supportportal.juniper.net/JSA79099

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

https://supportportal.juniper.net/JSA79099

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N