Created
April 18, 2024 17:23
-
-
Save ViperGeek/0eb052ff8fc681363b0e6c8284ccb351 to your computer and use it in GitHub Desktop.
Juniper 2024-04 CVSS v3+v4 Scores
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2024-30395: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30409: Higher CPU consumption on routing engine leads to Denial of Service | |
| CVSS 3.1: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N | |
| CVE-2024-21610: In a scaled subscriber scenario if CoS information is gathered mgd processes gets stuck | |
| CVSS 3.1: 4.3 CVSS:3.1/AV:N/AC:L/PR:l/UI:N/S:U/C:N/I:N/A:L | |
| CVSS 4.0: 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N | |
| CVE-2024-30394: A specific EVPN type-5 route causes rpd crash | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30410: Loopback filter not blocking traffic despite having discard term | |
| CVSS 3.1: 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | |
| CVE-2022-2795: When DNS proxy is configured and specific DNS queries are received, resolver's performance is degraded | |
| CVSS 3.1: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N | |
| CVE-2024-30386: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash | |
| CVSS 3.1: 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30397: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-21618: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30382: RPD crash when CoS-based forwarding (CBF) policy is configured | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-21615: A low-privileged user can access confidential information | |
| CVSS 3.1: 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | |
| CVSS 4.0: 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N | |
| CVE-2024-30380: l2cpd crash upon receipt of a specific TLV | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30401: Stack-based buffer overflow in aftman | |
| CVSS 3.1: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30392: When URL filtering is enabled and a specific URL request is received a flowd crash occurs | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-21605: Specific link local traffic causes a control plane overload | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-21590: Packets which are not destined to the device can reach the RE | |
| CVSS 3.1: 5.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30390: Connection limits is not being enforced while the resp. rate limit is being enforced | |
| CVSS 3.1: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N | |
| CVE-2024-21593: A specific MPLS packet will cause a PFE crash | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30403: When MAC learning happens, and an interface gets flapped, the PFE crashes | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30384: If a specific CLI command is issued PFE crashes will occur | |
| CVSS 3.1: 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30378: bbe-smgd process crash upon execution of specific CLI commands | |
| CVSS 3.1: 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30388: Specific malformed LACP packets will cause flaps | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30391: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed | |
| CVSS 3.1: 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L | |
| CVSS 4.0: 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N | |
| CVE-2024-21609: If specific IPsec parameters are negotiated iked will crash due to a memory leak | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30387: Due to the interface flaps the PFE process can crash | |
| CVSS 3.1: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30402: The l2ald crashes on receiving telemetry messages from a specific subscription | |
| CVSS 3.1: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30381: probe_serviced exposes internal objects to local users | |
| CVSS 3.1: 8.4 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | |
| CVSS 4.0: 8.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H | |
| CVE-2024-30389: Firewall filter not blocking egress traffic | |
| CVSS 3.1: 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N | |
| CVSS 4.0: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | |
| CVE-2024-30398: A high amount of specific traffic causes packet drops and an eventual PFE crash | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30405: Processing of specific crafted packets when ALG is enabled causes a transit traffic Denial of Service | |
| CVSS 3.1: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | |
| CVSS 4.0: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | |
| CVE-2024-30406: A local high privileged attacker can recover other administrators credentials | |
| CVSS 3.1: 5.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N | |
| CVSS 4.0: 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment