{"vulnerability": "CVE-2024-39549", "sightings": [{"uuid": "aa557bdc-6ae6-47d0-aca0-3d907a342948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://t.me/cvedetector/17314", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39564 - Juniper Junos OS/ Junos OS Evolved Double-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39564 \nPublished : Feb. 5, 2025, 4:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : This is a similar, but different vulnerability than the issue reported as CVE-2024-39549.  \n  \nA\u00a0double-free vulnerability\u00a0in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS).  \n  \n  \nThis issue affects:  \n  \nJunos OS:\u00a0  *  from 22.4 before 22.4R3-S4.  \n  \n  \nJunos OS Evolved:  *  from 22.4 before 22.4R3-S4-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:22.000000Z"}, {"uuid": "877c9071-0923-47bb-b97d-df9c1f383f36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5563", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39549\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host> show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0  *  All versions before 21.2R3-S8,\u00a0\n  *  from 21.4 before 21.4R3-S8,\n\n  *  from 22.2 before 22.2R3-S4,\u00a0\n  *  from 22.3 before 22.3R3-S3,\u00a0\n  *  from 22.4 before 22.4R3-S3,\n  *  from 23.2 before 23.2R2-S1,\u00a0\n  *  from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n  *  All versions before 21.2R3-S8-EVO, \n  *  from 21.4 before 21.4R3-S8-EVO,\n  *  from 22.2 before 22.2R3-S4-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S3-EVO,\n\n  *  from 23.2 before 23.2R2-S1-EVO, \n  *  from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.\n\ud83d\udccf Published: 2024-07-11T16:27:19.238Z\n\ud83d\udccf Modified: 2025-02-26T18:16:27.497Z\n\ud83d\udd17 References:\n1. https://supportportal.juniper.net/JSA83011", "creation_timestamp": "2025-02-26T18:24:07.000000Z"}, {"uuid": "505c54df-7fa3-4b73-b0b1-cac78069c736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5562", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39564\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: This is a similar, but different vulnerability than the issue reported as CVE-2024-39549.\n\nA\u00a0double-free vulnerability\u00a0in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS).\n\n\nThis issue affects:\n\nJunos OS:\u00a0  *  from 22.4 before 22.4R3-S4.\n\n\nJunos OS Evolved:  *  from 22.4 before 22.4R3-S4-EVO.\n\ud83d\udccf Published: 2025-02-05T15:31:23.063Z\n\ud83d\udccf Modified: 2025-02-26T18:16:35.494Z\n\ud83d\udd17 References:\n1. https://supportportal.juniper.net/JSA83011", "creation_timestamp": "2025-02-26T18:24:06.000000Z"}, {"uuid": "01a4d230-2414-4fa3-acd6-a7a95ae24848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://t.me/cvedetector/681", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39549 - A Missing Release of Memory after Effective Lifeti\", \n  \"Content\": \"CVE ID : CVE-2024-39549 \nPublished : July 11, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).  \n  \nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).  \n  \nMemory utilization could be monitored by:\u00a0  \nuser@host> show system memory or show system monitor memory status  \n  \nThis issue affects:  \n  \nJunos OS:\u00a0  *  All versions before 21.2R3-S8,\u00a0  \n  *  from 21.4 before 21.4R3-S8,  \n  \n  *  from 22.2 before 22.2R3-S4,\u00a0  \n  *  from 22.3 before 22.3R3-S3,\u00a0  \n  *  from 22.4 before 22.4R3-S3,  \n  *  from 23.2 before 23.2R2-S1,\u00a0  \n  *  from 23.4 before 23.4R1-S2, 23.4R2,  \n  *  from 24.2 before\u00a024.2R2-EVO.  \n  \n  \nJunos OS Evolved:  \n  *  All versions before 21.2R3-S8-EVO,   \n  *  from 21.4 before 21.4R3-S8-EVO,  \n  *  from 22.2 before 22.2R3-S4-EVO,   \n  *  from 22.3 before 22.3R3-S3-EVO,   \n  *  from 22.4 before 22.4R3-S3-EVO,  \n  \n  *  from 23.2 before 23.2R2-S1-EVO,   \n  *  from 23.4 before 23.4R1-S2, 23.4R2,  \n  *  from 24.2 before 24.2R2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T19:59:55.000000Z"}, {"uuid": "e97c69a3-1e65-4c15-9abf-baa9e7fcea81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhgxsjbsnx2r", "content": "", "creation_timestamp": "2025-02-05T16:16:01.149163Z"}, {"uuid": "12aaab56-5085-4476-abf8-a13ce03595cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39549", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952018883330797", "content": "", "creation_timestamp": "2025-02-05T15:36:59.984391Z"}]}