Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-30389

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.

Published

2024-04-12T16:15:38.317

Last Modified

2025-02-06T20:36:23.717

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-696
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Operating System juniper junos 21.4 Yes
Hardware juniper ex4300 - No
Hardware juniper ex4300-24p - No
Hardware juniper ex4300-24p-s - No
Hardware juniper ex4300-24t - No
Hardware juniper ex4300-24t-s - No
Hardware juniper ex4300-32f - No
Hardware juniper ex4300-32f-dc - No
Hardware juniper ex4300-32f-s - No
Hardware juniper ex4300-48mp - No
Hardware juniper ex4300-48mp-s - No
Hardware juniper ex4300-48p - No
Hardware juniper ex4300-48p-s - No
Hardware juniper ex4300-48t - No
Hardware juniper ex4300-48t-afi - No
Hardware juniper ex4300-48t-dc - No
Hardware juniper ex4300-48t-dc-afi - No
Hardware juniper ex4300-48t-s - No
References