Multiple Juniper Networks Junos OS Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-39550 CVSS:6.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak in the rtlogd process. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-39545 CVSS:6.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper check for unusual or exceptional conditions in the the IKE daemon (iked). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2024-39550
CVE-2024-39545

Affected Vendors

Juniper

Affected Products

Juniper Networks Junos OS 21.4
Juniper Networks Junos OS 22.1
Juniper Networks Junos OS 22.3
Juniper Networks Junos OS 22.2
Juniper Networks Junos OS 22.4
Juniper Networks Junos OS 23.2
Juniper Networks Junos OS 23.4
Juniper Networks Junos OS 21.2R3-S5

Remediation

Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-39550

CVE-2024-39545

Chinese CeranaKeeper Uses Data Exfiltration to Target Southeast Asia – Active IOCs

CosmicSting Exploit Targets Adobe Commerce and Magento Stores – Active IOCs

Multiple Juniper Networks Junos OS Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan