Analysis Summary

CVE-2024-39537 CVSS:6.5

Juniper Networks Junos OS Evolved could allow a remote attacker to obtain sensitive information, caused by an improper restriction of communication channel to intended endpoints vulnerability. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2024-39517 CVSS:6.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39559 CVSS:5.9

Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in packet processing. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39512 CVSS:6.6

Juniper Networks Junos OS Evolved could allow a local attacker to bypass security restrictions, caused by an improper physical access control vulnerability in the console port control. By sending a specially crafted request, an attacker could exploit this vulnerability to get access to a user account.

Impact

• Information Disclosure
• Denial of Service
• Security Bypass

Indicators of Compromise

CVE

• CVE-2024-39537
• CVE-2024-39517
• CVE-2024-39559
• CVE-2024-39512

Affected Vendors

Remediation

Refer to Juniper Networks Security Advisory, upgrade or suggested workaround information.

CVE-2024-39537

CVE-2024-39517

CVE-2024-39559

CVE-2024-39512