CVE-2024-39529 — HIGH (7.5)

Q: How severe is CVE-2024-39529?

CVE-2024-39529 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-39529?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.

Vulnerability Description

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service. This issue affects Junos OS: * All versions before 21.4R3-S6, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	< 21.4
Juniper	Srx100	-
Juniper	Srx110	-
Juniper	Srx1400	-
Juniper	Srx1500	-
Juniper	Srx1600	-
Juniper	Srx210	-
Juniper	Srx220	-
Juniper	Srx2300	-
Juniper	Srx240	-
Juniper	Srx240H2	-
Juniper	Srx240M	-
Juniper	Srx300	-
Juniper	Srx320	-
Juniper	Srx340	-
Juniper	Srx3400	-
Juniper	Srx345	-
Juniper	Srx3600	-
Juniper	Srx380	-
Juniper	Srx4000	-

Related Weaknesses (CWE)

CWE-134

References

https://supportportal.juniper.net/JSA82988Vendor Advisory
https://supportportal.juniper.net/JSA82988Vendor Advisory

FAQ

What is CVE-2024-39529?

CVE-2024-39529 is a vulnerability with a CVSS score of 7.5 (HIGH). A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a...

How severe is CVE-2024-39529?

CVE-2024-39529 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-39529?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.