CVE-2024-39534

{"id": "CVE-2024-39534", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-10-11T16:15:06.970", "references": [{"url": "https://supportportal.juniper.net/JSA88105", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-697"}]}], "descriptions": [{"lang": "en", "value": "An\u00a0Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. This is unintended and unexpected behavior and can allow an attacker to bypass certain compensating controls, such as stateless firewall filters.\n\nThis issue affects Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.4R3-S8-EVO,\u00a0\n * 22.2-EVO before 22.2R3-S4-EVO,\u00a0\n * 22.3-EVO before 22.3R3-S4-EVO,\u00a0\n * 22.4-EVO before 22.4R3-S3-EVO,\u00a0\n * 23.2-EVO before 23.2R2-S1-EVO,\u00a0\n * 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de comparaci\u00f3n incorrecta en la API de verificaci\u00f3n de direcci\u00f3n local de Juniper Networks Junos OS Evolved permite que un atacante no autenticado adyacente a la red cree sesiones o env\u00ede tr\u00e1fico al dispositivo utilizando la direcci\u00f3n de red y de difusi\u00f3n de la subred asignada a una interfaz. Este es un comportamiento no deseado e inesperado y puede permitir que un atacante eluda ciertos controles de compensaci\u00f3n, como filtros de firewall sin estado. Este problema afecta a Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S8-EVO, * 22.2-EVO anteriores a 22.2R3-S4-EVO, * 22.3-EVO anteriores a 22.3R3-S4-EVO, * 22.4-EVO anteriores a 22.4R3-S3-EVO, * 23.2-EVO anteriores a 23.2R2-S1-EVO, * 23.4-EVO anteriores a 23.4R1-S2-EVO, 23.4R2-EVO."}], "lastModified": "2026-01-23T18:53:16.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A51696D6-8503-4CBD-AD19-861E5BE94ED4", "versionEndExcluding": "21.4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F91450D5-F8CE-42EA-BB7E-312FCE024CD1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E616550-8711-4282-A8A1-11BD5974E650"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A0322FF-0B78-47EC-A7D3-06298ED56EF4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}