CVE-2024-39548

HIGH

Juniper Junos OS Evolved Multiple Versions - Unauthenticated DoS via Memory Consumption in aftmand

Title source: llm

Description

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service (DoS) condition. The processes do not recover on their own and must be manually restarted. This issue affects both IPv4 and IPv6.

Changes in memory usage can be monitored using the following CLI command:

    user@device> show system memory node <fpc slot> | grep evo-aftmann

This issue affects Junos OS Evolved:

* All versions before 21.2R3-S8-EVO,
* 21.3 versions before 21.3R3-S5-EVO,
* 21.4 versions before 21.4R3-S5-EVO,
* 22.1 versions before 22.1R3-S4-EVO,
* 22.2 versions before 22.2R3-S4-EVO,
* 22.3 versions before 22.3R3-S3-EVO,
* 22.4 versions before 22.4R2-S2-EVO, 22.4R3-EVO,
* 23.2 versions before 23.2R1-S1-EVO, 23.2R2-EVO.

References (1)

Vendor Advisory: https://supportportal.juniper.net/JSA83010

Scores

CVSS v3 7.5
EPSS 0.0046
EPSS Percentile 64.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (5)
juniper/junos_os_evolved 21.2 (15 CPE variants)
juniper/junos_os_evolved 21.3 (11 CPE variants)
juniper/junos_os_evolved 21.4 (12 CPE variants)
juniper/junos_os_evolved 22.1 (10 CPE variants)
juniper/junos_os_evolved 22.2 (2 CPE variants)
Published Jul 11, 2024
Tracked Since Feb 18, 2026