Severity
Medium
Analysis Summary
CVE-2024-39537 CVSS:6.5
Juniper Networks Junos OS Evolved could allow a remote attacker to obtain sensitive information, caused by an improper restriction of communication channel to intended endpoints vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-39517 CVSS:6.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39559 CVSS:5.9
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in packet processing. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-39512 CVSS:6.6
Juniper Networks Junos OS Evolved could allow a local attacker to bypass security restrictions, caused by an improper physical access control vulnerability in the console port control. By sending a specially crafted request, an attacker could exploit this vulnerability to get access to a user account.
Impact
- Information Disclosure
- Denial of Service
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-39537
- CVE-2024-39517
- CVE-2024-39559
- CVE-2024-39512
Affected Vendors
Affected Products
- Juniper Networks Junos OS Evolved
- Juniper Networks Junos OS Evolved 23.2R2-EVO
Remediation
Refer to Juniper Networks Security Advisory, upgrade or suggested workaround information.