CVE-2024-30384 — MEDIUM (5.5)

Q: How severe is CVE-2024-30384?

CVE-2024-30384 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-30384?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex4300, Juniper Ex4300-24P, Juniper Ex4300-24P-S, Juniper Ex4300-24T.

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (Dos). If a specific CLI command is issued, a PFE crash will occur. This will cause traffic forwarding to be interrupted until the system self-recovers. This issue affects Junos OS: All versions before 20.4R3-S10, 21.2 versions before 21.2R3-S7, 21.4 versions before 21.4R3-S6.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	< 20.4
Juniper	Ex4300	-
Juniper	Ex4300-24P	-
Juniper	Ex4300-24P-S	-
Juniper	Ex4300-24T	-
Juniper	Ex4300-24T-S	-
Juniper	Ex4300-32F	-
Juniper	Ex4300-32F-Dc	-
Juniper	Ex4300-32F-S	-
Juniper	Ex4300-48Mp	-
Juniper	Ex4300-48Mp-S	-
Juniper	Ex4300-48P	-
Juniper	Ex4300-48P-S	-
Juniper	Ex4300-48T	-
Juniper	Ex4300-48T-Afi	-
Juniper	Ex4300-48T-Dc	-
Juniper	Ex4300-48T-Dc-Afi	-
Juniper	Ex4300-48T-S	-

Related Weaknesses (CWE)

CWE-754

References

http://supportportal.juniper.net/JSA79186Vendor Advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:NIssue Tracking
http://supportportal.juniper.net/JSA79186Vendor Advisory
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:NIssue Tracking

FAQ

What is CVE-2024-30384?

CVE-2024-30384 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with l...

How severe is CVE-2024-30384?

CVE-2024-30384 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-30384?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex4300, Juniper Ex4300-24P, Juniper Ex4300-24P-S, Juniper Ex4300-24T.