Analysis Summary

CVE-2024-39552 CVSS:7.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by improper handling of exceptional conditions in the routing protocol daemon (RPD). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-39530 CVSS:7.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the chassis management daemon (chassisd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39549 CVSS:7.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a memory leak in the routing process daemon (rpd). By sending a specially crafted BGP Path attribute update request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-39542 CVSS:7.5

Juniper Networks Junos OS Evolved and Juniper Networks Junos OS are vulnerable to a denial of service, caused by an improper validation of syntactic correctness of input vulnerability in the Packet Forwarding Engine (PFE). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39540 CVSS:7.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions vulnerability in the Packet Forwarding Engine (pfe). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39518 CVSS:7.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by a heap-based buffer overflow vulnerability in the telemetry sensor process (sensord). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-39546 CVSS:7.3

Juniper Networks Junos OS Evolved could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a missing authorization vulnerability in the Socket Intercept (SI) command file interface. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-39520 CVSS:7.8

Juniper Networks Junos OS Evolved could allow a local authenticated attacker to gain elevated privileges on the system, caused by a command injection flaw. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root.

CVE-2024-39565 CVSS:8.8

Juniper Networks Junos OS could allow a remote attacker to execute arbitrary commands on the system, caused by a XPath Injection flaw in J-Web. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the device.

CVE-2024-39524 CVSS:7.8

Juniper Networks Junos OS Evolved could allow a local authenticated attacker to gain elevated privileges on the system, caused by a command injection flaw. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root.

Impact

• Denial of Service
• Gain Access
• Privilege Escalation

Indicators of Compromise

CVE

• CVE-2024-39552
• CVE-2024-39530
• CVE-2024-39549
• CVE-2024-39542
• CVE-2024-39540
• CVE-2024-39518
• CVE-2024-39546
• CVE-2024-39520
• CVE-2024-39565
• CVE-2024-39524

Affected Vendors

Remediation

Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-39552

CVE-2024-39530

CVE-2024-39549

CVE-2024-39542

CVE-2024-39540

CVE-2024-39518

CVE-2024-39546

CVE-2024-39520

CVE-2024-39565

CVE-2024-39524