Multiple Oracle Products Vulnerabilities
July 23, 2024Multiple D-Link Products Vulnerabilities
July 23, 2024Multiple Oracle Products Vulnerabilities
July 23, 2024Multiple D-Link Products Vulnerabilities
July 23, 2024Severity
Medium
Analysis Summary
CVE-2024-39558 CVSS:6.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an unchecked return value vulnerability in the Routing Protocol Daemon (rpd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39511 CVSS:5.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper input validation vulnerability in the 802.1X authentication (dot1x) Daemon. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39548 CVSS:6.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an uncontrolled resource consumption vulnerability in the aftmand process. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39528 CVSS:5.7
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a use-after-free vulnerability in the Routing Protocol Daemon (rpd). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39514 CVSS:6.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper check or handling of exceptional conditions vulnerability in the Routing Protocol Daemon (rpd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39519 CVSS:6.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Packet Forwarding Engine (pfe). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39535 CVSS:6.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Packet Forwarding Engine (pfe). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39536 CVSS:5.3
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a missing release of memory after effective lifetime vulnerability in the Periodic Packet Management Daemon (ppmd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39554 CVSS:5.9
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a race condition in the routing protocol daemon (RPD). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-39558
- CVE-2024-39511
- CVE-2024-39548
- CVE-2024-39528
- CVE-2024-39514
- CVE-2024-39519
- CVE-2024-39535
- CVE-2024-39536
- CVE-2024-39554
Affected Vendors
Affected Products
- Juniper Networks Junos OS
- Juniper Networks Junos OS Evolved
- Juniper Networks Junos OS 21.2
- Juniper Networks Junos OS 21.4
- Juniper Networks Junos OS Evolved 21.4-EVO
- Juniper Networks Junos OS Evolved 22.1-EVO
- Juniper Networks Junos OS Evolved 22.2-EVO
- Juniper Networks Junos OS Evolved 22.4-EVO
- Juniper Networks Junos OS Evolved 22.3-EVO
- Juniper Networks Junos OS Evolved 22.4R2-S1-EVO
Remediation
Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.