Analysis Summary

CVE-2024-39539 CVSS:5.3

Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause FPC to crash and restart.

CVE-2024-39556 CVSS:6.4

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By using a specially crafted certificate file, a local authenticated attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system.

CVE-2024-39543 CVSS:6.4

Juniper Networks Junos OS and Junos OS Evolved is vulnerable to a denial of service, caused by a buffer overflow in the routing protocol daemon (rpd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-39557 CVSS:6.5

Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the Layer 2 Address Learning Daemon (l2ald). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

Impact

• Denial of Service
• Gain Access

Indicators of Compromise

CVE

• CVE-2024-39539
• CVE-2024-39556
• CVE-2024-39543
• CVE-2024-39557

Affected Vendors

Remediation

Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-39539

CVE-2024-39556

CVE-2024-39543

CVE-2024-39557