Vulnerability Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage. This issue affects Junos OS: 21.2 releases from 21.2R3-S5 before 21.2R3-S6. This issue does not affect earlier or later releases.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 21.2 |
| Juniper | Csrx | - |
| Juniper | Mx240 | - |
| Juniper | Mx480 | - |
| Juniper | Mx960 | - |
| Juniper | Srx100 | - |
| Juniper | Srx110 | - |
| Juniper | Srx1400 | - |
| Juniper | Srx1500 | - |
| Juniper | Srx1600 | - |
| Juniper | Srx210 | - |
| Juniper | Srx220 | - |
| Juniper | Srx2300 | - |
| Juniper | Srx240 | - |
| Juniper | Srx240H2 | - |
| Juniper | Srx240M | - |
| Juniper | Srx300 | - |
| Juniper | Srx320 | - |
| Juniper | Srx340 | - |
| Juniper | Srx3400 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA83000Vendor Advisory
- https://supportportal.juniper.net/JSA83000Vendor Advisory
FAQ
What is CVE-2024-39540?
CVE-2024-39540 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticate...
How severe is CVE-2024-39540?
CVE-2024-39540 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-39540?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Csrx, Juniper Mx240, Juniper Mx480, Juniper Mx960.