{"vulnerability": "cve-2024-3956", "sightings": [{"uuid": "f153fc6f-0be8-4f1b-a31c-1b4f95539e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39561", "type": "seen", "source": "https://t.me/cvedetector/605", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39561 - An Improper Check for Unusual or Exceptional Condi\", \n \"Content\": \"CVE ID : CVE-2024-39561 \nPublished : July 10, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on \n \nSRX4600 and SRX5000 Series \n \n allows an attacker to send TCP packets with \n \nSYN/FIN or SYN/RST \n \n flags, bypassing the expected blocking of these packets. \n \nA TCP packet with SYN/FIN or SYN/RST should be dropped in flowd. However, when no-syn-check and Express Path\u00a0are enabled, these TCP packets are unexpectedly transferred to the downstream network. \n \nThis issue affects Junos OS on SRX4600 and SRX5000 Series: \n \n \n * All versions before 21.2R3-S8, \n * from 21.4 before 21.4R3-S7, \n * from 22.1 before 22.1R3-S6, \n * from 22.2 before 22.2R3-S4, \n * from 22.3 before 22.3R3-S3, \n * from 22.4 before 22.4R3-S2, \n * from 23.2 before 23.2R2, \n * from 23.4 before 23.4R1-S1, 23.4R2. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T01:35:22.000000Z"}, {"uuid": "5fa820dd-bfdb-4890-af72-1527679c331f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39560", "type": "seen", "source": "https://t.me/cvedetector/606", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39560 - An Improper Handling of Exceptional Conditions vul\", \n \"Content\": \"CVE ID : CVE-2024-39560 \nPublished : July 10, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS). \n \nThe kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected. \n \nSystem kernel memory can be monitored through the use of the 'show system statistics kernel memory' command as shown below: \n \nuser@router> show system statistics kernel memory \nMemory \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Size (kB) Percentage When \n\u00a0 Active \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 753092 \u00a0 \u00a0 18.4% Now \n\u00a0 Inactive \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 574300 \u00a0 \u00a0 14.0% Now \n\u00a0 Wired\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 443236 \u00a0 \u00a0 10.8% Now \n\u00a0 Cached\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 1911204 \u00a0 \u00a0 46.6% Now \n\u00a0 Buf \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 32768\u00a0 \u00a0 \u00a0 0.8% Now \n\u00a0 Free \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 385072\u00a0 \u00a0 \u00a0 9.4% Now \nKernel Memory\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Now \n\u00a0 Data \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 312908\u00a0 \u00a0 \u00a0 7.6% Now \n\u00a0 Text \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2560\u00a0 \u00a0 \u00a0 0.1% Now \n... \n \nThis issue affects: \nJunos OS: \n \n \n * All versions before 20.4R3-S9, \n * from 21.4 before 21.4R3-S5, \n * from 22.1 before 22.1R3-S5, \n * from 22.2 before 22.2R3-S3, \n * from 22.3 before 22.3R3-S2, \n * from 22.4 before 22.4R3, \n * from 23.2 before 23.2R2; \n \n \nJunos OS Evolved: \n \n \n * All versions before 21.4R3-S5-EVO, \n * from 22.1-EVO before 22.1R3-S5-EVO, \n * from 22.2-EVO before 22.2R3-S3-EVO, \n * from 22.3-EVO before 22.3R3-S2-EVO, \n * from 22.4-EVO before 22.4R3-EVO, \n * from 23.2-EVO before 23.2R2-EVO. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T01:35:23.000000Z"}, {"uuid": "109edbdd-1dbe-4cb8-be57-09604c0fb109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39562", "type": "seen", "source": "https://t.me/cvedetector/604", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39562 - A Missing Release of Resource after Effective Life\", \n \"Content\": \"CVE ID : CVE-2024-39562 \nPublished : July 10, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon (sshd) instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS) by blocking SSH access for legitimate users. Continued receipt of these connections will create a sustained Denial of Service (DoS) condition. \n \nThe issue is triggered when a high rate of concurrent SSH requests are received and terminated in a specific way, causing xinetd to crash, and leaving defunct sshd processes. Successful exploitation of this vulnerability blocks both SSH access as well as services which rely upon SSH, such as SFTP, and\u00a0Netconf over SSH. \n \nOnce the system is in this state, legitimate users will be unable to SSH to the device until service is manually restored.\u00a0 See WORKAROUND section below. \n \nAdministrators can monitor an increase in defunct sshd processes by utilizing the CLI command: \n \n\u00a0 > show system processes | match sshd \n\u00a0 root \u00a0 25219 30901 0 Jul16 ? \u00a0 \u00a0 \u00a0 00:00:00 [sshd] \n \nThis issue affects Juniper Networks Junos OS Evolved: \n * All versions prior to 21.4R3-S7-EVO \n * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S2-EVO; \n * 22.4-EVO versions prior to 22.4R3-EVO; \n * 23.2-EVO versions prior to 23.2R2-EVO. \n \n \n \nThis issue does not affect Juniper Networks Junos OS Evolved 22.1-EVO nor 22.2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T01:35:21.000000Z"}, {"uuid": "4115303d-5ab0-4901-b0b1-5f58bd003b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39565", "type": "seen", "source": "https://t.me/cvedetector/603", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39565 - An Improper Neutralization of Data within XPath Ex\", \n \"Content\": \"CVE ID : CVE-2024-39565 \nPublished : July 10, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to\u00a0execute\u00a0remote commands on the target device.\u00a0 \n \nWhile an administrator is logged into a J-Web session or has previously logged in and subsequently logged out of their J-Web session, the attacker can arbitrarily execute commands on the target device with the other user's credentials. In the worst case, the attacker will have full control over the device. \nThis issue affects Junos OS:\u00a0 \n \n \n \n * All versions before 21.2R3-S8,\u00a0 \n * from 21.4 before 21.4R3-S7, \n * from 22.2 before 22.2R3-S4, \n * from 22.3 before 22.3R3-S3, \n * from 22.4 before 22.4R3-S2, \n * from 23.2 before 23.2R2, \n * from 23.4 before 23.4R1-S1, 23.4R2. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T01:35:17.000000Z"}, {"uuid": "4539406a-11a7-45c4-9de5-96ff818590e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39568", "type": "seen", "source": "https://t.me/cvedetector/344", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39568 - A vulnerability has been identified in SINEMA Remo\", \n \"Content\": \"CVE ID : CVE-2024-39568 \nPublished : July 9, 2024, 12:15 p.m. | 26\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEMA Remote Connect Client (All versions Severity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T14:46:43.000000Z"}, {"uuid": "36579207-7e9d-4bb2-b8a7-31827801f128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39569", "type": "seen", "source": "https://t.me/cvedetector/341", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39569 - A vulnerability has been identified in SINEMA Remo\", \n \"Content\": \"CVE ID : CVE-2024-39569 \nPublished : July 9, 2024, 12:15 p.m. | 26\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEMA Remote Connect Client (All versions Severity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T14:46:40.000000Z"}, {"uuid": "7593e920-ecb8-46d9-b92e-28f75ddcc0d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39564", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113955424407781313", "content": "", "creation_timestamp": "2025-02-06T06:03:03.964246Z"}, {"uuid": "1f52f03d-763a-47a7-95dc-901daa391d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39564", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5562", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39564\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: This is a similar, but different vulnerability than the issue reported as CVE-2024-39549.\n\nA\u00a0double-free vulnerability\u00a0in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS).\n\n\nThis issue affects:\n\nJunos OS:\u00a0 * from 22.4 before 22.4R3-S4.\n\n\nJunos OS Evolved: * from 22.4 before 22.4R3-S4-EVO.\n\ud83d\udccf Published: 2025-02-05T15:31:23.063Z\n\ud83d\udccf Modified: 2025-02-26T18:16:35.494Z\n\ud83d\udd17 References:\n1. https://supportportal.juniper.net/JSA83011", "creation_timestamp": "2025-02-26T18:24:06.000000Z"}, {"uuid": "d0567684-afcd-4665-83e4-e81d6bf53996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39564", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952018883330797", "content": "", "creation_timestamp": "2025-02-05T15:36:59.928860Z"}, {"uuid": "9cc1395f-226b-476b-a01b-31be934dd018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39564", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhgxsjbsnx2r", "content": "", "creation_timestamp": "2025-02-05T16:16:01.113283Z"}, {"uuid": "a65c3f15-a866-451a-b2c1-f0cabb18a502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-39564", "type": "seen", "source": "https://t.me/cvedetector/17314", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39564 - Juniper Junos OS/ Junos OS Evolved Double-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-39564 \nPublished : Feb. 5, 2025, 4:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : This is a similar, but different vulnerability than the issue reported as CVE-2024-39549. \n \nA\u00a0double-free vulnerability\u00a0in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS). \n \n \nThis issue affects: \n \nJunos OS:\u00a0 * from 22.4 before 22.4R3-S4. \n \n \nJunos OS Evolved: * from 22.4 before 22.4R3-S4-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:22.000000Z"}]}