{"vulnerability": "CVE-2024-3952", "sightings": [{"uuid": "adaba2ac-0627-4385-a188-c4feb556090f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39525", "type": "seen", "source": "https://t.me/cvedetector/7533", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39525 - Juniper Networks Junos OS and Junos OS Evolved BGP Packet Handling Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39525 \nPublished : Oct. 9, 2024, 8:15 p.m. | 44\u00a0minutes ago \nDescription : An\u00a0Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS).\u00a0Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.  \n  \nThis issue only affects systems with\u00a0BGP traceoptions enabled and   \n  \nrequires a BGP session to be already established.\u00a0 Systems without\u00a0BGP traceoptions enabled are not affected by this issue.  \n  \nThis issue affects iBGP and eBGP, and both\u00a0IPv4 and IPv6 are affected by this vulnerability.  \n  \nThis issue affects:  \n  \nJunos OS:\u00a0  \n  \n  \n  \n  *  All versions before 21.2R3-S8,\u00a0  \n  *  from 21.4 before 21.4R3-S8,\u00a0  \n  *  from 22.2 before 22.2R3-S4,\u00a0  \n  *  from 22.3 before 22.3R3-S4,  \n  *  from 22.4 before 22.4R3-S3,\u00a0  \n  *  from 23.2 before 23.2R2-S1,\u00a0  \n  *  from 23.4 before 23.4R2;\u00a0  \n  \n  \n  \n  \nJunos OS Evolved:\u00a0  \n  \n  \n  \n  *  All versions before 21.2R3-S8-EVO,\u00a0  \n  *  from 21.4-EVO before 21.4R3-S8-EVO,\u00a0  \n  *  from 22.2-EVO before 22.2R3-S4-EVO,\u00a0  \n  *  from 22.3-EVO before 22.3R3-S4-EVO,  \n  *  from 22.4-EVO before 22.4R3-S3-EVO,\u00a0  \n  *  from 23.2-EVO before 23.2R2-S1-EVO,\u00a0  \n  *  from 23.4-EVO before 23.4R2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T23:11:21.000000Z"}, {"uuid": "7d963a95-708e-48bc-9ce3-925d90857e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39520", "type": "seen", "source": "https://t.me/cvedetector/671", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39520 - An\u00a0Improper Neutralization of Special Elements vul\", \n  \"Content\": \"CVE ID : CVE-2024-39520 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An\u00a0Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.  \n  \nThe Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.  \n  \nThis issue affects Junos OS Evolved:  \n  \n  *  All version before 20.4R3-S6-EVO,\u00a0  \n  *  21.2-EVO versions before 21.2R3-S4-EVO,  \n  *  21.4-EVO versions before 21.4R3-S6-EVO,\u00a0  \n  *  22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO,\u00a0  \n  *  22.3-EVO versions before 22.3R2-EVO. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:40.000000Z"}, {"uuid": "09272a1d-fe2d-40a6-8f81-37891e258212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39524", "type": "seen", "source": "https://t.me/cvedetector/670", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39524 - An Improper Neutralization of Special Elements vul\", \n  \"Content\": \"CVE ID : CVE-2024-39524 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.  \n  \nThe Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.  \n  \nThis issue affects Junos OS Evolved:  \n  \nAll versions before 20.4R3-S7-EVO,  \n  \n21.2-EVO versions before 21.2R3-S8-EVO,  \n  \n21.4-EVO versions before 21.4R3-S7-EVO,\u00a0  \n  \n22.2-EVO versions before 22.2R3-EVO,  \n  \n22.3-EVO versions before 22.3R2-EVO,  \n  \n22.4-EVO versions before 22.4R2-EVO. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:36.000000Z"}, {"uuid": "2094eb7a-6f35-456f-9c75-577d6c13efb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39522", "type": "seen", "source": "https://t.me/cvedetector/669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39522 - An Improper Neutralization of Special Elements vul\", \n  \"Content\": \"CVE ID : CVE-2024-39522 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.  \n  \nThe Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.  \n  \n  \nThis issue affects Junos OS Evolved:  \n  \n  \n  \n  *  22.3-EVO versions before 22.3R2-EVO,  \n  *  22.4-EVO versions before 22.4R1-S1-EVO, 22.4R2-EVO. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:35.000000Z"}, {"uuid": "c70f562c-aa45-4960-ae86-a62280df1a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39521", "type": "seen", "source": "https://t.me/cvedetector/668", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39521 - An Improper Neutralization of Special Elements vul\", \n  \"Content\": \"CVE ID : CVE-2024-39521 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.  \n  \nThe Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.  \n  \n  \nThis issue affects Junos OS Evolved:\u00a0  \n  \n  \n  \n  *  21.1-EVO versions 21.1R1-EVO and later before 21.2R3-S8-EVO,\u00a0  \n  *  21.4-EVO versions before 21.4R3-S7-EVO,  \n  *  22.1-EVO versions before 22.1R3-S6-EVO,\u00a0  \n  *  22.2-EVO versions before 22.2R3-EVO,  \n  *  22.3-EVO versions before 22.3R2-EVO. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:34.000000Z"}, {"uuid": "0e8471a9-7bea-44b1-a9dd-8447af14137e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39523", "type": "seen", "source": "https://t.me/cvedetector/667", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39523 - An Improper Neutralization of Special Elements vul\", \n  \"Content\": \"CVE ID : CVE-2024-39523 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.  \n  \nThe Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.  \n  \nThis issue affects Junos OS Evolved:\u00a0  \n  \n  *  All versions before 20.4R3-S7-EVO,  \n  *  21.2-EVO versions before 21.2R3-S8-EVO,  \n  *  21.4-EVO versions before 21.4R3-S7-EVO,  \n  *  22.1-EVO versions before 22.1R3-S6-EVO,\u00a0  \n  *  22.2-EVO versions before 22.2R3-EVO,  \n  *  22.3-EVO versions before 22.3R2-EVO,  \n  *  22.4-EVO versions before 22.4R2-EVO. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:33.000000Z"}, {"uuid": "43abed2d-dfc6-49a4-aae7-647abba6f08f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39528", "type": "seen", "source": "https://t.me/cvedetector/666", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39528 - A Use After Free vulnerability in the Routing Prot\", \n  \"Content\": \"CVE ID : CVE-2024-39528 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart.  \n  \n  \n  \n  \nThis issue affects:  \n  \n\u00a0 \u00a0Junos OS:  \n  \n  \n  \n  *  All versions before 21.2R3-S8,\u00a0  \n  *  21.4 versions before 21.4R3-S5,  \n  *  22.2 versions before 22.2R3-S3,  \n  *  22.3 versions before 22.3R3-S2,  \n  *  22.4 versions before 22.4R3,  \n  *  23.2 versions before 23.2R2.  \n  \n  \n  \n  \n \u00a0 Junos OS Evolved:  \n  \n  \n  \n  *  All versions before 21.2R3-S8-EVO,  \n  *  21.4-EVO versions before 21.4R3-S5-EVO,  \n  *  22.2-EVO versions before 22.2R3-S3-EVO,\u00a0  \n  *  22.3-EVO versions before 22.3R3-S2-EVO,  \n  *  22.4-EVO versions before 22.4R3-EVO,  \n  *  23.2-EVO versions before 23.2R2-EVO. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:32.000000Z"}, {"uuid": "8fd3e389-208d-475d-801c-18c48f2c0e11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39529", "type": "seen", "source": "https://t.me/cvedetector/665", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39529 - A Use of Externally-Controlled Format String vulne\", \n  \"Content\": \"CVE ID : CVE-2024-39529 \nPublished : July 11, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a\u00a0Denial-of-Service (DoS).  \n  \n  \n  \nIf DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes\u00a0a PFE crash and restart, leading to a Denial of Service.  \n  \nThis issue affects Junos OS:   \n  *  All versions before 21.4R3-S6,  \n  *  22.2 versions before 22.2R3-S3,  \n  *  22.3 versions before 22.3R3-S3,  \n  *  22.4 versions before 22.4R3,  \n  *  23.2 versions before 23.2R2. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:09:28.000000Z"}]}