{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30392", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-03-26T23:06:17.994Z", "datePublished": "2024-04-12T15:07:48.287Z", "dateUpdated": "2024-06-18T19:20:18.214Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["MX Series with SPC3 and MS-MPC"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S6", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.3R3-S5", "status": "affected", "version": "21.3", "versionType": "semver"}, {"lessThan": "21.4R3-S5", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.1R3-S3", "status": "affected", "version": "22.1", "versionType": "semver"}, {"lessThan": "22.2R3-S1", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R2-S2, 22.3R3", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R2-S1, 22.4R3", "status": "affected", "version": "22.4", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For the issue to occur, following two conditions need to be met:<br><br>1. Enable URL filtering:<br>&nbsp; &nbsp; &nbsp; <tt>[<span style=\"background-color: rgb(255, 255, 255);\">jservices-urlf enable</span>]</tt><br>2. Configure the following template:<br>&nbsp; &nbsp; &nbsp; <tt>[url-filter-template template {client-interfaces [] server-interfaces [] dns-server &lt;IP_address&gt;&nbsp;url-filter-database &lt;db_name&gt;}] &nbsp; &nbsp;</tt><br>"}], "value": "For the issue to occur, following two conditions need to be met:\n\n1. Enable URL filtering:\n\u00a0 \u00a0 \u00a0 [jservices-urlf enable]\n2. Configure the following template:\n\u00a0 \u00a0 \u00a0 [url-filter-template template {client-interfaces [] server-interfaces [] dns-server <IP_address>\u00a0url-filter-database <db_name>}]"}], "datePublic": "2024-04-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).<br><br>On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific URL request is received and processed, flowd will crash and restart. Continuous reception of the specific URL request will lead to a sustained Denial of Service (DoS) condition.<br><br>This issue affects:<br><p>Junos OS:</p><p></p><ul><li>all versions before 21.2R3-S6,<br></li><li>from 21.3 before 21.3R3-S5,<br></li><li>from 21.4 before 21.4R3-S5,<br></li><li>from 22.1 before 22.1R3-S3,<br></li><li>from 22.2 before 22.2R3-S1,<br></li><li>from 22.3 before 22.3R2-S2, 22.3R3,<br></li><li>from 22.4 before 22.4R2-S1, 22.4R3.<br></li></ul><p></p>"}], "value": "A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).\n\nOn all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific URL request is received and processed, flowd will crash and restart. Continuous reception of the specific URL request will lead to a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJunos OS:\n\n\n\n * all versions before 21.2R3-S6,\n\n * from 21.3 before 21.3R3-S5,\n\n * from 21.4 before 21.4R3-S5,\n\n * from 22.1 before 22.1R3-S3,\n\n * from 22.2 before 22.2R3-S1,\n\n * from 22.3 before 22.3R2-S2, 22.3R3,\n\n * from 22.4 before 22.4R2-S1, 22.4R3."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-05-16T20:27:13.139Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA79092"}, {"tags": ["technical-description"], "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The following software releases have been updated to resolve this specific issue: 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.</p>"}], "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases."}], "source": {"advisory": "JSA79092", "defect": ["1731552"], "discovery": "USER"}, "timeline": [{"lang": "en", "time": "2024-04-10T16:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>There are no available workarounds for this issue.</p>"}], "value": "There are no available workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-av217"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os", "cpes": ["cpe:2.3:a:juniper:junos_os:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "21.2r3-s6", "versionType": "custom"}, {"version": "21.3", "status": "affected", "lessThan": "21.3r3-s5", "versionType": "custom"}, {"version": "21.4", "status": "affected", "lessThan": "21.4r3-s5", "versionType": "custom"}, {"version": "22.1", "status": "affected", "lessThan": "21.1r3-s3", "versionType": "custom"}, {"version": "22.2", "status": "affected", "lessThan": "22.2r3-s1", "versionType": "custom"}, {"version": "22.3", "status": "affected", "lessThan": "22.3r2-s2", "versionType": "custom"}, {"version": "22.3", "status": "affected", "lessThan": "22.3r3", "versionType": "custom"}, {"version": "22.4", "status": "affected", "lessThan": "22.4-r2-s2", "versionType": "custom"}, {"version": "22.4", "status": "affected", "lessThan": "22.4r3", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-18T18:37:03.121232Z", "id": "CVE-2024-30392", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-18T19:20:18.214Z"}}]}}

{"descriptions": [{"lang": "en", "value": "A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).\n\nOn all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific URL request is received and processed, flowd will crash and restart. Continuous reception of the specific URL request will lead to a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJunos OS:\n\n\n\n * all versions before 21.2R3-S6,\n\n * from 21.3 before 21.3R3-S5,\n\n * from 21.4 before 21.4R3-S5,\n\n * from 22.1 before 22.1R3-S3,\n\n * from 22.2 before 22.2R3-S1,\n\n * from 22.3 before 22.3R2-S2, 22.3R3,\n\n * from 22.4 before 22.4R2-S1, 22.4R3."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Flow Processing Daemon (flowd) de Juniper Networks Junos OS permite que un atacante no autenticado basado en red provoque una denegaci\u00f3n de servicio (DoS). En todas las plataformas Junos OS MX Series con SPC3 y MS-MPC/-MIC, cuando el filtrado de URL est\u00e1 habilitado y se recibe y procesa una solicitud de URL espec\u00edfica, el flujo se bloquear\u00e1 y se reiniciar\u00e1. La recepci\u00f3n continua de la solicitud de URL espec\u00edfica dar\u00e1 lugar a una condici\u00f3n sostenida de Denegaci\u00f3n de Servicio (DoS). Este problema afecta a: Junos OS: * todas las versiones anteriores a 21.2R3-S6, * desde 21.3 anterior a 21.3R3-S5, * desde 21.4 anterior a 21.4R3-S5, * desde 22.1 anterior a 22.1R3-S3, * desde 22.2 anterior a 22.2R3- S1, * de 22.3 antes de 22.3R2-S2, 22.3R3, * de 22.4 antes de 22.4R2-S1, 22.4R3."}], "id": "CVE-2024-30392", "lastModified": "2024-05-16T21:16:09.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}]}, "published": "2024-04-12T16:15:39.040", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA79092"}, {"source": "sirt@juniper.net", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}