{"uuid": "7b220417-eeb8-41ee-9edb-d427e78ee384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39515", "type": "seen", "source": "https://t.me/cvedetector/7531", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39515 - Juniper Networks Junos OS Denial of Service (DoS) vulnerability in BGP Routing Protocol Daemon (rpd)\", \n  \"Content\": \"CVE ID : CVE-2024-39515 \nPublished : Oct. 9, 2024, 8:15 p.m. | 44\u00a0minutes ago \nDescription : An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.  \n  \nIn some cases, rpd fails to restart requiring a manual restart via the 'restart routing' CLI command.  \n  \nThis issue only affects systems with BGP traceoptions enabled and   \n  \nrequires a BGP session to be already established.  Systems without BGP traceoptions enabled are not affected by this issue.  \n  \nThis issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability.  \n  \nThis issue affects:  \n  \nJunos OS:\u00a0  \n  \n  *  All versions before 21.4R3-S8,\u00a0  \n  *  22.2 before 22.2R3-S5,\u00a0  \n  *  22.3 before 22.3R3-S4,\u00a0  \n  *  22.4 before 22.4R3-S3,\u00a0  \n  *  23.2 before 23.2R2-S2,\u00a0  \n  *  23.4 before 23.4R2;\u00a0  \n  \n  \nJunos OS Evolved:\u00a0  \n  \n  *  All versions before 21.4R3-S8-EVO,\u00a0  \n  *  22.2-EVO before 22.2R3-S5-EVO,\u00a0  \n  *  22.3-EVO before 22.3R3-S4-EVO,\u00a0  \n  *  22.4-EVO before 22.4R3-S3-EVO,\u00a0  \n  *  23.2-EVO before 23.2R2-S2-EVO,\u00a0  \n  *  23.4-EVO before 23.4R2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T23:11:17.000000Z"}