An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). On all ACX 7000 Series platforms running Junos OS Evolved, and configured with IRBs, if a Customer Edge device (CE) device is dual homed to two Provider Edge devices (PE) a traffic loop will occur when the CE sends multicast packets. This issue can be triggered by IPv4 and IPv6 traffic. This issue affects Junos OS Evolved:  All versions from 22.2R1-EVO and later versions before 22.4R2-EVO, This issue does not affect Junos OS Evolved versions before 22.1R1-EVO.
References
History

Mon, 23 Sep 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Juniper
Juniper acx7024
Juniper acx7024x
Juniper acx7100-32c
Juniper acx7100-48l
Juniper acx7332
Juniper acx7348
Juniper acx7509
Juniper junos Os Evolved
CPEs cpe:2.3:h:juniper:acx7024:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7024x:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7100-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7100-48l:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7332:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7348:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:acx7509:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*
Vendors & Products Juniper
Juniper acx7024
Juniper acx7024x
Juniper acx7100-32c
Juniper acx7100-48l
Juniper acx7332
Juniper acx7348
Juniper acx7509
Juniper junos Os Evolved

cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-07-11T15:55:37.087Z

Updated: 2024-08-02T04:26:15.781Z

Reserved: 2024-06-25T15:12:53.239Z

Link: CVE-2024-39519

cve-icon Vulnrichment

Updated: 2024-07-11T18:57:50.859Z

cve-icon NVD

Status : Modified

Published: 2024-07-11T16:15:02.717

Modified: 2024-11-21T09:27:54.717

Link: CVE-2024-39519

cve-icon Redhat

No data.