CVE-2024-30388: Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps
First published: Fri Apr 12 2024(Updated: )
An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos | >=20.4R3-S4<20.4R3-S8>=21.2R3-S2<21.2R3-S6>=21.4R2<21.4R3-S4>=22.1R2<22.1R3-S3<22.2R3-S1<22.3R2-S2>22.4R2-S1<22.4R3 |
Remedy
The following software releases have been updated to resolve this specific issue: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-30388?
CVE-2024-30388 is a high severity vulnerability that can lead to Denial of Service (DoS) through malformed LACP packets.
How do I fix CVE-2024-30388?
To mitigate CVE-2024-30388, it is recommended to upgrade your Junos OS to a version that addresses this vulnerability.
Which devices are affected by CVE-2024-30388?
CVE-2024-30388 affects Juniper Networks Junos OS on QFX5000 Series and EX Series devices.
Can CVE-2024-30388 be exploited remotely?
CVE-2024-30388 requires an adjacent attacker to exploit the vulnerability, meaning affected devices must be on the same local network.
What type of attack can CVE-2024-30388 lead to?
CVE-2024-30388 can result in a Denial of Service (DoS), making the affected services unavailable.
- agent/title
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/author
- agent/severity
- agent/event
- agent/remedy
- collector/nvd-api
- source/NVD
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/juniper networks
- canonical/juniper junos