CVE-2024-39538

{"id": "CVE-2024-39538", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-07-11T17:15:12.413", "references": [{"url": "https://supportportal.juniper.net/JSA82998", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://supportportal.juniper.net/JSA82998", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a\u00a0\n\nDenial-of-Service (DoS).When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of the affected FPC until it is manually recovered.\n\n\nThis issue affects Junos OS Evolved on ACX7000 Series:\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4-EVO versions before 21.4R3-S7-EVO,\n * 22.2-EVO versions before 22.2R3-S4-EVO,\n * 22.3-EVO versions before 22.3R3-S3-EVO,\u00a0\n * 22.4-EVO versions before 22.4R3-S2-EVO,\u00a0\n * 23.2-EVO versions before 23.2R2-EVO,\u00a0\n * 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de copia de b\u00fafer sin verificar el tama\u00f1o de entrada en el daemon de administraci\u00f3n PFE (evo-pfemand) de Juniper Networks Junos OS Evolved en la serie ACX7000 permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Cuando el tr\u00e1fico de multidifusi\u00f3n con Se recibe un (S,G) espec\u00edfico y v\u00e1lido, evo-pfemand se bloquea, lo que provoca una interrupci\u00f3n del FPC afectado hasta que se recupera manualmente. Este problema afecta a Junos OS Evolved en la serie ACX7000: * Todas las versiones anteriores a 21.2R3-S8-EVO, * Versiones 21.4-EVO anteriores a 21.4R3-S7-EVO, * Versiones 22.2-EVO anteriores a 22.2R3-S4-EVO, * 22.3- Versiones EVO anteriores a 22.3R3-S3-EVO, * Versiones 22.4-EVO anteriores a 22.4R3-S2-EVO, * Versiones 23.2-EVO anteriores a 23.2R2-EVO, * Versiones 23.4-EVO anteriores a 23.4R1-S2-EVO, 23.4R2- EVO."}], "lastModified": "2026-01-22T18:29:22.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C14B5A6-597A-4181-8C42-392A2E4605BF", "versionEndExcluding": "21.2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "909FC378-EBFE-4BA9-8393-0C8301438020"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F91450D5-F8CE-42EA-BB7E-312FCE024CD1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:acx7020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2E5B843-629D-43D7-A4EE-EFA658109B25"}, {"criteria": "cpe:2.3:h:juniper:acx7024:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1026737F-BA23-4550-9030-EA0502E97953"}, {"criteria": "cpe:2.3:h:juniper:acx7024x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FFFD74C-7BF9-4EAF-B364-356A8393712D"}, {"criteria": "cpe:2.3:h:juniper:acx7100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFED6AC1-B3C0-44EC-AF40-E61CF1EE94E0"}, {"criteria": "cpe:2.3:h:juniper:acx7300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8977D7A0-C498-4DC2-9A2C-A58D900386F3"}, {"criteria": "cpe:2.3:h:juniper:acx7509:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B50EC358-F551-4F2B-9DA1-61B6412AB957"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}