Show plain JSON{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39553", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-06-25T15:12:53.246Z", "datePublished": "2024-07-11T16:32:03.929Z", "dateUpdated": "2024-08-02T04:26:15.933Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S7-EVO", "status": "affected", "version": "21.4-EVO", "versionType": "semver"}, {"lessThan": "22.2R3-S3-EVO", "status": "affected", "version": "22.2-EVO", "versionType": "semver"}, {"lessThan": "22.3R3-S2-EVO", "status": "affected", "version": "22.3-EVO", "versionType": "semver"}, {"lessThan": "22.4R3-EVO", "status": "affected", "version": "22.4-EVO", "versionType": "semver"}, {"lessThan": "23.2R1-S2-EVO, 23.2R2-EVO", "status": "affected", "version": "23.2-EVO", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue only happens when inline jflow is configured:<br><br><tt>\u2003[ services flow-monitoring (version-ipfix|version9) ]<br><span style=\"background-color: rgb(239, 250, 102);\"><br></span><span style=\"background-color: var(--wht);\">\u2003[ forwarding-options sampling instance 1 input rate 33333]<br></span><span style=\"background-color: var(--wht);\">\u2003[ forwarding-options sampling instance 1 family inet output flow-server x.x.x.x port 9991]<br></span><span style=\"background-color: var(--wht);\">\u2003[ forwarding-options sampling instance 1 family inet output flow-server x.x.x.x version9 template 1]<br></span><span style=\"background-color: var(--wht);\">\u2003[ forwarding-options sampling instance 1 family inet output inline-jflow\nsource-address y.y.y.y]</span></tt><span style=\"background-color: var(--wht);\"><br></span><br>"}], "value": "This issue only happens when inline jflow is configured:\n\n\u2003[ services flow-monitoring (version-ipfix|version9) ]\n\n\u2003[ forwarding-options sampling instance 1 input rate 33333]\n\u2003[ forwarding-options sampling instance 1 family inet output flow-server x.x.x.x port 9991]\n\u2003[ forwarding-options sampling instance 1 family inet output flow-server x.x.x.x version9 template 1]\n\u2003[ forwarding-options sampling instance 1 family inet output inline-jflow\nsource-address y.y.y.y]"}], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Exposure of Resource to Wrong Sphere vulnerability in the sampling service <span style=\"background-color: var(--wht);\">of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service (DoS) and allows unauthorized network access to the device, potentially impacting system integrity.<br><br>This issue only happens when inline jflow is configured.<br><br>This does not impact any forwarding traffic. The impacted services MSVCS-DB app crashes momentarily and recovers by itself. <br></span><br>This issue affects Juniper Networks Junos OS Evolved: <br><ul><li>21.4 versions <span style=\"background-color: rgb(255, 255, 255);\">earlier than </span>21.4R3-S7-EVO; </li><li>22.2 versions <span style=\"background-color: rgb(255, 255, 255);\">earlier than </span>22.2R3-S3-EVO;</li><li>22.3 versions earlier than 22.3R3-S2-EVO;</li><li>22.4 versions earlier than 22.4R3-EVO;</li><li>23.2 versions earlier than 23.2R1-S2-EVO, 23.2R2-EVO.</li></ul><br>"}], "value": "An Exposure of Resource to Wrong Sphere vulnerability in the sampling service\u00a0of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service (DoS) and allows unauthorized network access to the device, potentially impacting system integrity.\n\nThis issue only happens when inline jflow is configured.\n\nThis does not impact any forwarding traffic. The impacted services MSVCS-DB app crashes momentarily and recovers by itself.\u00a0\n\nThis issue affects Juniper Networks Junos OS Evolved:\u00a0\n * 21.4 versions earlier than 21.4R3-S7-EVO;\u00a0\n * 22.2 versions earlier than\u00a022.2R3-S3-EVO;\n * 22.3 versions earlier than 22.3R3-S2-EVO;\n * 22.4 versions earlier than 22.4R3-EVO;\n * 23.2 versions earlier than 23.2R1-S2-EVO, 23.2R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>"}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:L/R:A", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-668", "description": "CWE-668: Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-07-11T16:32:03.929Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA79101"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The following software releases have been updated to resolve this specific issue: </p><p>Junos OS Evolved: 21.4R3-S7-EVO, 22.2R3-S3-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.</p>"}], "value": "The following software releases have been updated to resolve this specific issue:\u00a0\n\nJunos OS Evolved: 21.4R3-S7-EVO, 22.2R3-S3-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA79101", "defect": ["1763417"], "discovery": "USER"}, "timeline": [{"lang": "en", "time": "2024-07-10T16:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS Evolved: Receipt of arbitrary data when sampling service is enabled, leads to partial Denial of Service (DoS).", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-av217"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os_evolved", "cpes": ["cpe:2.3:o:juniper:junos_os_evolved:21.4:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "21.4", "status": "affected", "lessThan": "21.4r3-s7", "versionType": "custom"}, {"version": "22.2", "status": "affected", "lessThan": "22.2r3-s3", "versionType": "custom"}, {"version": "22.3", "status": "affected", "lessThan": "22.3r3-s2", "versionType": "custom"}, {"version": "22.4", "status": "affected", "lessThan": "22.4r3", "versionType": "custom"}, {"version": "23.2", "status": "affected", "lessThan": "23.23r1-s2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T18:59:46.861306Z", "id": "CVE-2024-39553", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T19:02:31.411Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.933Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA79101"}]}]}}