CVE-2024-30384

Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (Dos). If a specific CLI command is issued, a PFE crash will occur. This will cause traffic forwarding to be interrupted until the system self-recovers. This issue affects Junos OS: All versions before 20.4R3-S10, 21.2 versions before 21.2R3-S7, 21.4 versions before 21.4R3-S6.

Remediation

Solution:

The following software releases have been updated to resolve this specific issue: 20.4R3-S10, 21.2R3-S7, 21.4R3-S6, and all subsequent releases of these branches.

Workaround:

There are no known workarounds for this issue.

References

Link	Tags
http://supportportal.juniper.net/JSA79186	vendor advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L	issue tracking technical description

Frequently Asked Questions

What is the severity of CVE-2024-30384?: CVE-2024-30384 has been scored as a medium severity vulnerability.
How to fix CVE-2024-30384?: To fix CVE-2024-30384: The following software releases have been updated to resolve this specific issue: 20.4R3-S10, 21.2R3-S7, 21.4R3-S6, and all subsequent releases of these branches.
Is CVE-2024-30384 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-30384 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-30384?: CVE-2024-30384 affects Juniper Networks Junos OS.

Description

Remediation

Category

CWE-754 – Improper Check for Unusual or Exceptional Conditions

References

Frequently Asked Questions