CVE-2024-39540 Information

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS).

When an affected device receives specific valid TCP traffic the pfe crashes and restarts leading to a momentary but complete service outage.

This issue affects Junos OS:

21.2 releases from 21.2R3-S5 before 21.2R3-S6.

This issue does not affect earlier or later releases.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://supportportal.juniper.net/JSA83000

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5