1. Home
  2. CVE Database
  3. CVE-2024-39551
HIGH · 7.5

CVE-2024-39551

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of  Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenti...

Vulnerability Description

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of  Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS).  Continued receipt and processing of these specific packets will sustain the Denial of Service condition. The memory usage can be monitored using the below command.   user@host> show usp memory segment sha data objcache jsf  This issue affects SRX Series and MX Series with SPC3 and MS-MPC/MIC:  *  20.4 before 20.4R3-S10,  *  21.2 before 21.2R3-S6,  *  21.3 before 21.3R3-S5,  *  21.4 before 21.4R3-S6,  *  22.1 before 22.1R3-S4,  *  22.2 before 22.2R3-S2,  *  22.3 before 22.3R3-S1,  *  22.4 before 22.4R3,  *  23.2 before 23.2R2.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos20.4
JuniperMs-Mic-
JuniperMs-Mpc-
JuniperMx-Spc3-
JuniperMx10004-
JuniperMx10008-
JuniperMx2008-
JuniperMx2010-
JuniperMx2020-
JuniperMx204-
JuniperMx240-
JuniperMx304-
JuniperMx480-
JuniperMx960-
JuniperSrx1500-
JuniperSrx1600-
JuniperSrx2300-
JuniperSrx300-
JuniperSrx320-
JuniperSrx340-

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2024-39551?

CVE-2024-39551 is a vulnerability with a CVSS score of 7.5 (HIGH). An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of  Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenti...

How severe is CVE-2024-39551?

CVE-2024-39551 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-39551?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ms-Mic, Juniper Ms-Mpc, Juniper Mx-Spc3, Juniper Mx10004.