fkie_cve-2024-30389
Vulnerability from fkie_nvd
Published
2024-04-12 16:15
Modified
2025-02-06 20:36
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.
References
sirt@juniper.nethttp://supportportal.juniper.net/JSA79185Vendor Advisory
sirt@juniper.nethttps://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:NIssue Tracking
af854a3a-2127-422b-91ae-364da2661108http://supportportal.juniper.net/JSA79185Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:NIssue Tracking
Impacted products
Vendor Product Version
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper junos 21.4
juniper ex4300 -
juniper ex4300-24p -
juniper ex4300-24p-s -
juniper ex4300-24t -
juniper ex4300-24t-s -
juniper ex4300-32f -
juniper ex4300-32f-dc -
juniper ex4300-32f-s -
juniper ex4300-48mp -
juniper ex4300-48mp-s -
juniper ex4300-48p -
juniper ex4300-48p-s -
juniper ex4300-48t -
juniper ex4300-48t-afi -
juniper ex4300-48t-dc -
juniper ex4300-48t-dc-afi -
juniper ex4300-48t-s -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BEA4BC3-093F-4DE6-BED1-2C7D2FC2C8A5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "592377CC-4044-4FDD-A3DF-CBF25754EE4D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12E8275-EF6B-44F9-A7D8-A769CDB5EED5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E63215-246E-49F3-A537-8A90D512DAB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1A5E69-928A-41A0-8B9B-91F307D99854",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B71953D-016D-4E72-B598-55667A507681",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CABBC37B-EB93-424D-A1E7-4686039C0955",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24526B69-E3E3-4249-80A4-A886BED5C07E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2209605-65B6-44B3-9700-9EC543BF2408",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C348CF-65C1-4A53-8F4F-99B5A4113679",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CB5F91-DC40-4D09-BB93-4539B8581877",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE8EB69-95DD-44E9-80A6-F2B5E34BBD5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEEDB14F-E74A-4C48-A969-1D22D7F7C7C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBE3866E-109E-479F-9FFE-3F6E81C0DE7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A17D793-5F01-4818-956D-D6BC5A6C4CEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4C3E8E-C8B4-42A5-8DB6-7E8114FCC030",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.\n\nWhen an output firewall filter is applied to an interface it doesn\u0027t recognize matching packets but permits any traffic.\nThis issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.\nThis issue does not affect Junos OS releases earlier than 21.4R1."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de orden de comportamiento incorrecto en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS en la serie EX4300 permite que un atacante basado en red no autenticado cause un impacto en la integridad de las redes posteriores al dispositivo vulnerable. Cuando se aplica un filtro de firewall de salida a una interfaz, no reconoce los paquetes coincidentes pero permite cualquier tr\u00e1fico. Este problema afecta a las versiones Junos OS 21.4 desde 21.4R1 anteriores a 21.4R3-S6. Este problema no afecta a las versiones de Junos OS anteriores a la 21.4R1."
    }
  ],
  "id": "CVE-2024-30389",
  "lastModified": "2025-02-06T20:36:23.717",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "sirt@juniper.net",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "LOW",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "sirt@juniper.net",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-04-12T16:15:38.317",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://supportportal.juniper.net/JSA79185"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://supportportal.juniper.net/JSA79185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-696"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.