Juniper JunOS OS EVO PFE DoS 22.2R1-EVO before 22.4R2-EVO
CVE-2024-39519 Published on July 11, 2024
Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a
Denial-of-Service (DoS).
On all ACX 7000 Series platforms running
Junos OS Evolved, and configured with IRBs, if a Customer Edge device (CE) device is dual homed to two Provider Edge devices (PE) a traffic loop will occur when the CE sends multicast packets. This issue can be triggered by IPv4 and IPv6 traffic.
This issue affects Junos OS Evolved:
All versions from 22.2R1-EVO and later versions before 22.4R2-EVO,
This issue does not affect Junos OS Evolved versions before 22.1R1-EVO.
Vulnerability Analysis
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
Products Associated with CVE-2024-39519
Want to know whenever a new CVE is published for Juniper Networks Junos Os Evolved? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS Evolved:- Version 22.1-EVO is affected.
- Before 22.1R1-EVO is unaffected.
- Version 22.2-EVO is affected.
- Version 22.3-EVO is affected.
- Version 22.4-EVO and below 22.4R2-EVO is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.