fkie_nvd - fkie_cve-2024-30388

FKIE_CVE-2024-30388

Vulnerability from fkie_nvd - Published: 2024-04-12 16:15 - Updated: 2024-11-21 09:11

Severity ?

6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.

References

	URL	Tags
	sirt@juniper.net	http://supportportal.juniper.net/JSA79089
	sirt@juniper.net	https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
	af854a3a-2127-422b-91ae-364da2661108	http://supportportal.juniper.net/JSA79089
	af854a3a-2127-422b-91ae-364da2661108	https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\nThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\n\n\n\n  *  20.4 versions from \n\n20.4R3-S4\n\nbefore 20.4R3-S8,\n  *  21.2 versions from \n\n21.2R3-S2\n\nbefore 21.2R3-S6,\n  *  21.4 versions from \n\n21.4R2\n\nbefore 21.4R3-S4,\n\n  *  22.1 versions from\n\n22.1R2\n\n before 22.1R3-S3,\n  *  22.2 versions before 22.2R3-S1,\n  *  22.3 versions before 22.3R2-S2, 22.3R3,\n  *  22.4 versions before 22.4R2-S1, 22.4R3."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de aislamiento o compartimentaci\u00f3n incorrecta en el motor de reenv\u00edo de paquetes (pfe) de Juniper Networks Junos OS en las series QFX5000 y EX permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Si un paquete LACP espec\u00edfico con formato incorrecto es recibido por un dispositivo de la serie QFX5000 o un dispositivo de la serie EX4400, EX4100 o EX4650, se producir\u00e1 una falla de LACP que provocar\u00e1 una p\u00e9rdida de tr\u00e1fico. Este problema afecta a Junos OS en la serie QFX5000 y en las series EX4400, EX4100 o EX4650: * versiones 20.4 desde 20.4R3-S4 antes de 20.4R3-S8, * versiones 21.2 desde 21.2R3-S2 antes de 21.2R3-S6, * versiones 21.4 de 21.4R2 anterior a 21.4R3-S4, * 22.1 versiones anteriores a 22.1R2 anterior a 22.1R3-S3, * 22.2 versiones anteriores a 22.2R3-S1, * 22.3 versiones anteriores a 22.3R2-S2, 22.3R3, * 22.4 versiones anteriores a 22.4R2-S1, 22.4R3."
    }
  ],
  "id": "CVE-2024-30388",
  "lastModified": "2024-11-21T09:11:49.483",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-04-12T16:15:38.093",
  "references": [
    {
      "source": "sirt@juniper.net",
      "url": "http://supportportal.juniper.net/JSA79089"
    },
    {
      "source": "sirt@juniper.net",
      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://supportportal.juniper.net/JSA79089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-653"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    }
  ]
}

CVE-2024-30388 (GCVE-0-2024-30388)

Vulnerability from cvelistv5 – Published: 2024-04-12 15:09 – Updated: 2024-08-02 01:32

Summary

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

CWE

Denial of Service (DoS)
CWE-653 - Improper Isolation or Compartmentalization

Assigner

juniper

References

URL

Tags

	http://supportportal.juniper.net/JSA79089	vendor-advisory
	https://www.first.org/cvss/calculator/4.0#CVSS:4.…	technical-description

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Affected: 20.4R3-S4 , < 20.4R3-S8 (semver) Affected: 21.2R3-S2 , < 21.2R3-S6 (semver) Affected: 21.4R2 , < 21.4R3-S4 (semver) Affected: 22.1R2 , < 22.1R3-S3 (semver) Affected: 22.2 , < 22.2R3-S1 (semver) Affected: 22.3 , < 22.3R2-S2, 22.3R3 (semver) Affected: 22.4 , < 22.4R2-S1, 22.4R3 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-30388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-31T16:25:58.944143Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-31T16:26:57.448Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:32:07.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://supportportal.juniper.net/JSA79089"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "QFX5000 Series",
            "EX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S8",
              "status": "affected",
              "version": "20.4R3-S4",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S6",
              "status": "affected",
              "version": "21.2R3-S2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S4",
              "status": "affected",
              "version": "21.4R2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S3",
              "status": "affected",
              "version": "22.1R2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S1",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R2-S2, 22.3R3",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2-S1, 22.4R3",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTo be affected by this issue the device must have an LACP configuration as shown in the following example must be present\u003c/span\u003e:\u003cbr\u003e\u003cbr\u003e\u0026nbsp; [ interfaces \u0026lt;interface\u0026gt; ...ether-options\u0026nbsp;802.3ad ae\u0026lt;number\u0026gt; ]\u003cbr\u003e\u0026nbsp; [ interfaces ae\u0026lt;number\u0026gt; aggregated-ether-options lacp ]\u003cbr\u003e"
            }
          ],
          "value": "To be affected by this issue the device must have an LACP configuration as shown in the following example must be present:\n\n\u00a0 [ interfaces \u003cinterface\u003e ...ether-options\u00a0802.3ad ae\u003cnumber\u003e ]\n\u00a0 [ interfaces ae\u003cnumber\u003e aggregated-ether-options lacp ]"
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\u003cbr\u003e\u003cp\u003eThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e20.4 versions from \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e20.4R3-S4\u003c/span\u003e\n\nbefore 20.4R3-S8,\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e21.2 versions from \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e21.2R3-S2\u003c/span\u003e\n\nbefore 21.2R3-S6,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e21.4 versions from \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e21.4R2\u003c/span\u003e\n\nbefore 21.4R3-S4,\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e22.1 versions from\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.1R2\u003c/span\u003e\n\n before 22.1R3-S3,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S1,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R2-S2, 22.3R3,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R2-S1, 22.4R3.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIf a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss.\nThis issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series:\n\n\n\n  *  20.4 versions from \n\n20.4R3-S4\n\nbefore 20.4R3-S8,\n  *  21.2 versions from \n\n21.2R3-S2\n\nbefore 21.2R3-S6,\n  *  21.4 versions from \n\n21.4R2\n\nbefore 21.4R3-S4,\n\n  *  22.1 versions from\n\n22.1R2\n\n before 22.1R3-S3,\n  *  22.2 versions before 22.2R3-S1,\n  *  22.3 versions before 22.3R2-S2, 22.3R3,\n  *  22.4 versions before 22.4R2-S1, 22.4R3."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-653",
              "description": "CWE-653: Improper Isolation or Compartmentalization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-16T20:18:38.432Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://supportportal.juniper.net/JSA79089"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA79089",
        "defect": [
          "1711783"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-av217"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-30388",
    "datePublished": "2024-04-12T15:09:12.944Z",
    "dateReserved": "2024-03-26T23:06:17.993Z",
    "dateUpdated": "2024-08-02T01:32:07.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2024-30388

CVE-2024-30388 (GCVE-0-2024-30388)

Tags

Sightings

Nomenclature