CVE-2024-30389
MEDIUMJuniper Networks Junos OS <21.4R3-S6 - Integrity Impact
Title source: llmDescription
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
http://supportportal.juniper.net/JSA79185
Issue Tracking technical-description
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
Scores
CVSS v3
5.8
EPSS
0.0016
EPSS Percentile
36.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-696
Status
published
Products (1)
juniper/junos
21.4 r1 (12 CPE variants)
Published
Apr 12, 2024
Tracked Since
Feb 18, 2026