CVE-2024-39556: Junos OS and Junos OS Evolved: Loading a malicious certificate from the CLI may result in a stack-based overflow
First published: Wed Jul 10 2024(Updated: )
A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service (DoS) or privileged code execution. By exploiting the 'set security certificates' command with a crafted certificate file, a malicious attacker with access to the CLI could cause a crash of the command management daemon (mgd), limited to the local user's command interpreter, or potentially trigger a stack-based buffer overflow. This issue affects: Junos OS: * All versions before 21.4R3-S7, * from 22.1 before 22.1R3-S6, * from 22.2 before 22.2R3-S4, * from 22.3 before 22.3R3-S3, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2, * from 23.4 before 23.4R1-S1, 23.4R2; Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * from 22.1-EVO before 22.1R3-S6-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-S2-EVO, * from 23.2-EVO before 23.2R2-EVO, * from 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Networks Junos OS | <21.4R3-S7>=22.1<22.1R3-S6>=22.2<22.2R3-S4>=22.3<22.3R3-S3>=22.4<22.4R3-S2>=23.2<23.2R2>=23.4<23.4R1-S1 | |
| Juniper Networks Junos OS Evolved | <21.4R3-S7-EVO>=22.1-EVO<22.1R3-S6-EVO>=22.2-EVO<22.2R3-S4-EVO>=22.3-EVO<22.3R3-S3-EVO>=22.4-EVO<22.4R3-S2-EVO>=23.2-EVO<23.2R2-EVO>=23.4-EVO<23.4R1-S1-EVO | |
| Juniper JUNOS | <21.4 | |
| Juniper JUNOS | =21.4 | |
| Juniper JUNOS | =21.4-r1 | |
| Juniper JUNOS | =21.4-r1-s1 | |
| Juniper JUNOS | =21.4-r1-s2 | |
| Juniper JUNOS | =21.4-r2 | |
| Juniper JUNOS | =21.4-r2-s1 | |
| Juniper JUNOS | =21.4-r2-s2 | |
| Juniper JUNOS | =21.4-r3 | |
| Juniper JUNOS | =21.4-r3-s1 | |
| Juniper JUNOS | =21.4-r3-s2 | |
| Juniper JUNOS | =21.4-r3-s3 | |
| Juniper JUNOS | =21.4-r3-s4 | |
| Juniper JUNOS | =21.4-r3-s5 | |
| Juniper JUNOS | =21.4-r3-s6 | |
| Juniper JUNOS | =22.1 | |
| Juniper JUNOS | =22.1-r1 | |
| Juniper JUNOS | =22.1-r1-s1 | |
| Juniper JUNOS | =22.1-r1-s2 | |
| Juniper JUNOS | =22.1-r2 | |
| Juniper JUNOS | =22.1-r2-s1 | |
| Juniper JUNOS | =22.1-r2-s2 | |
| Juniper JUNOS | =22.1-r3 | |
| Juniper JUNOS | =22.1-r3-s1 | |
| Juniper JUNOS | =22.1-r3-s2 | |
| Juniper JUNOS | =22.1-r3-s3 | |
| Juniper JUNOS | =22.1-r3-s4 | |
| Juniper JUNOS | =22.1-r3-s5 | |
| Juniper JUNOS | =22.2 | |
| Juniper JUNOS | =22.2-r1 | |
| Juniper JUNOS | =22.2-r1-s1 | |
| Juniper JUNOS | =22.2-r1-s2 | |
| Juniper JUNOS | =22.2-r2 | |
| Juniper JUNOS | =22.2-r2-s1 | |
| Juniper JUNOS | =22.2-r2-s2 | |
| Juniper JUNOS | =22.2-r3 | |
| Juniper JUNOS | =22.2-r3-s1 | |
| Juniper JUNOS | =22.2-r3-s2 | |
| Juniper JUNOS | =22.2-r3-s3 | |
| Juniper JUNOS | =22.3 | |
| Juniper JUNOS | =22.3-r1 | |
| Juniper JUNOS | =22.3-r1-s1 | |
| Juniper JUNOS | =22.3-r1-s2 | |
| Juniper JUNOS | =22.3-r2 | |
| Juniper JUNOS | =22.3-r2-s1 | |
| Juniper JUNOS | =22.3-r2-s2 | |
| Juniper JUNOS | =22.3-r3 | |
| Juniper JUNOS | =22.3-r3-s1 | |
| Juniper JUNOS | =22.3-r3-s2 | |
| Juniper JUNOS | =22.4 | |
| Juniper JUNOS | =22.4-r1 | |
| Juniper JUNOS | =22.4-r1-s1 | |
| Juniper JUNOS | =22.4-r1-s2 | |
| Juniper JUNOS | =22.4-r2 | |
| Juniper JUNOS | =22.4-r2-s1 | |
| Juniper JUNOS | =22.4-r2-s2 | |
| Juniper JUNOS | =22.4-r3 | |
| Juniper JUNOS | =22.4-r3-s1 | |
| Juniper JUNOS | =23.2 | |
| Juniper JUNOS | =23.2-r1 | |
| Juniper JUNOS | =23.2-r1-s1 | |
| Juniper JUNOS | =23.2-r1-s2 | |
| Juniper JUNOS | =23.4 | |
| Juniper JUNOS | =23.4-r1 | |
| Juniper Junos os Evolved | <21.4 | |
| Juniper Junos os Evolved | =21.4 | |
| Juniper Junos os Evolved | =21.4-r1 | |
| Juniper Junos os Evolved | =21.4-r1-s1 | |
| Juniper Junos os Evolved | =21.4-r1-s2 | |
| Juniper Junos os Evolved | =21.4-r2 | |
| Juniper Junos os Evolved | =21.4-r2-s1 | |
| Juniper Junos os Evolved | =21.4-r2-s2 | |
| Juniper Junos os Evolved | =21.4-r3 | |
| Juniper Junos os Evolved | =21.4-r3-s1 | |
| Juniper Junos os Evolved | =21.4-r3-s2 | |
| Juniper Junos os Evolved | =21.4-r3-s3 | |
| Juniper Junos os Evolved | =21.4-r3-s4 | |
| Juniper Junos os Evolved | =21.4-r3-s5 | |
| Juniper Junos os Evolved | =21.4-r3-s6 | |
| Juniper Junos os Evolved | =22.1 | |
| Juniper Junos os Evolved | =22.1-r1 | |
| Juniper Junos os Evolved | =22.1-r1-s1 | |
| Juniper Junos os Evolved | =22.1-r1-s2 | |
| Juniper Junos os Evolved | =22.1-r2 | |
| Juniper Junos os Evolved | =22.1-r2-s1 | |
| Juniper Junos os Evolved | =22.1-r3 | |
| Juniper Junos os Evolved | =22.1-r3-s1 | |
| Juniper Junos os Evolved | =22.1-r3-s2 | |
| Juniper Junos os Evolved | =22.1-r3-s3 | |
| Juniper Junos os Evolved | =22.1-r3-s4 | |
| Juniper Junos os Evolved | =22.1-r3-s5 | |
| Juniper Junos os Evolved | =22.2 | |
| Juniper Junos os Evolved | =22.2-r1 | |
| Juniper Junos os Evolved | =22.2-r1-s1 | |
| Juniper Junos os Evolved | =22.2-r1-s2 | |
| Juniper Junos os Evolved | =22.2-r2 | |
| Juniper Junos os Evolved | =22.2-r2-s1 | |
| Juniper Junos os Evolved | =22.2-r2-s2 | |
| Juniper Junos os Evolved | =22.2-r3 | |
| Juniper Junos os Evolved | =22.2-r3-s1 | |
| Juniper Junos os Evolved | =22.2-r3-s2 | |
| Juniper Junos os Evolved | =22.2-r3-s3 | |
| Juniper Junos os Evolved | =22.3 | |
| Juniper Junos os Evolved | =22.3-r1 | |
| Juniper Junos os Evolved | =22.3-r1-s1 | |
| Juniper Junos os Evolved | =22.3-r1-s2 | |
| Juniper Junos os Evolved | =22.3-r2 | |
| Juniper Junos os Evolved | =22.3-r2-s1 | |
| Juniper Junos os Evolved | =22.3-r2-s2 | |
| Juniper Junos os Evolved | =22.3-r3 | |
| Juniper Junos os Evolved | =22.3-r3-s1 | |
| Juniper Junos os Evolved | =22.3-r3-s2 | |
| Juniper Junos os Evolved | =22.4 | |
| Juniper Junos os Evolved | =22.4-r1 | |
| Juniper Junos os Evolved | =22.4-r1-s1 | |
| Juniper Junos os Evolved | =22.4-r1-s2 | |
| Juniper Junos os Evolved | =22.4-r2 | |
| Juniper Junos os Evolved | =22.4-r2-s1 | |
| Juniper Junos os Evolved | =22.4-r2-s2 | |
| Juniper Junos os Evolved | =22.4-r3 | |
| Juniper Junos os Evolved | =22.4-r3-s1 | |
| Juniper Junos os Evolved | =23.2 | |
| Juniper Junos os Evolved | =23.2-r1 | |
| Juniper Junos os Evolved | =23.2-r1-s1 | |
| Juniper Junos os Evolved | =23.2-r1-s2 | |
| Juniper Junos os Evolved | =23.4 | |
| Juniper Junos os Evolved | =23.4-r1 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 21.2R3-S8, 21.4R3-S7, 22.1R3-S6, 22.2R3-S4, 22.3R3-S3, 22.4R3-S2, 23.2R2, 23.4R1-S1, 23.4R2, 24.2R1, and all subsequent releases. Junos OS Evolved: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/title
- agent/weakness
- agent/remedy
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- vendor/juniper networks
- canonical/juniper networks junos os
- canonical/juniper networks junos os evolved
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/21.4
- version/juniper junos/21.4-r1
- version/juniper junos/21.4-r1-s1
- version/juniper junos/21.4-r1-s2
- version/juniper junos/21.4-r2
- version/juniper junos/21.4-r2-s1
- version/juniper junos/21.4-r2-s2
- version/juniper junos/21.4-r3
- version/juniper junos/21.4-r3-s1
- version/juniper junos/21.4-r3-s2
- version/juniper junos/21.4-r3-s3
- version/juniper junos/21.4-r3-s4
- version/juniper junos/21.4-r3-s5
- version/juniper junos/21.4-r3-s6
- version/juniper junos/22.1
- version/juniper junos/22.1-r1
- version/juniper junos/22.1-r1-s1
- version/juniper junos/22.1-r1-s2
- version/juniper junos/22.1-r2
- version/juniper junos/22.1-r2-s1
- version/juniper junos/22.1-r2-s2
- version/juniper junos/22.1-r3
- version/juniper junos/22.1-r3-s1
- version/juniper junos/22.1-r3-s2
- version/juniper junos/22.1-r3-s3
- version/juniper junos/22.1-r3-s4
- version/juniper junos/22.1-r3-s5
- version/juniper junos/22.2
- version/juniper junos/22.2-r1
- version/juniper junos/22.2-r1-s1
- version/juniper junos/22.2-r1-s2
- version/juniper junos/22.2-r2
- version/juniper junos/22.2-r2-s1
- version/juniper junos/22.2-r2-s2
- version/juniper junos/22.2-r3
- version/juniper junos/22.2-r3-s1
- version/juniper junos/22.2-r3-s2
- version/juniper junos/22.2-r3-s3
- version/juniper junos/22.3
- version/juniper junos/22.3-r1
- version/juniper junos/22.3-r1-s1
- version/juniper junos/22.3-r1-s2
- version/juniper junos/22.3-r2
- version/juniper junos/22.3-r2-s1
- version/juniper junos/22.3-r2-s2
- version/juniper junos/22.3-r3
- version/juniper junos/22.3-r3-s1
- version/juniper junos/22.3-r3-s2
- version/juniper junos/22.4
- version/juniper junos/22.4-r1
- version/juniper junos/22.4-r1-s1
- version/juniper junos/22.4-r1-s2
- version/juniper junos/22.4-r2
- version/juniper junos/22.4-r2-s1
- version/juniper junos/22.4-r2-s2
- version/juniper junos/22.4-r3
- version/juniper junos/22.4-r3-s1
- version/juniper junos/23.2
- version/juniper junos/23.2-r1
- version/juniper junos/23.2-r1-s1
- version/juniper junos/23.2-r1-s2
- version/juniper junos/23.4
- version/juniper junos/23.4-r1
- canonical/juniper junos os evolved
- version/juniper junos os evolved/21.4
- version/juniper junos os evolved/21.4-r1
- version/juniper junos os evolved/21.4-r1-s1
- version/juniper junos os evolved/21.4-r1-s2
- version/juniper junos os evolved/21.4-r2
- version/juniper junos os evolved/21.4-r2-s1
- version/juniper junos os evolved/21.4-r2-s2
- version/juniper junos os evolved/21.4-r3
- version/juniper junos os evolved/21.4-r3-s1
- version/juniper junos os evolved/21.4-r3-s2
- version/juniper junos os evolved/21.4-r3-s3
- version/juniper junos os evolved/21.4-r3-s4
- version/juniper junos os evolved/21.4-r3-s5
- version/juniper junos os evolved/21.4-r3-s6
- version/juniper junos os evolved/22.1
- version/juniper junos os evolved/22.1-r1
- version/juniper junos os evolved/22.1-r1-s1
- version/juniper junos os evolved/22.1-r1-s2
- version/juniper junos os evolved/22.1-r2
- version/juniper junos os evolved/22.1-r2-s1
- version/juniper junos os evolved/22.1-r3
- version/juniper junos os evolved/22.1-r3-s1
- version/juniper junos os evolved/22.1-r3-s2
- version/juniper junos os evolved/22.1-r3-s3
- version/juniper junos os evolved/22.1-r3-s4
- version/juniper junos os evolved/22.1-r3-s5
- version/juniper junos os evolved/22.2
- version/juniper junos os evolved/22.2-r1
- version/juniper junos os evolved/22.2-r1-s1
- version/juniper junos os evolved/22.2-r1-s2
- version/juniper junos os evolved/22.2-r2
- version/juniper junos os evolved/22.2-r2-s1
- version/juniper junos os evolved/22.2-r2-s2
- version/juniper junos os evolved/22.2-r3
- version/juniper junos os evolved/22.2-r3-s1
- version/juniper junos os evolved/22.2-r3-s2
- version/juniper junos os evolved/22.2-r3-s3
- version/juniper junos os evolved/22.3
- version/juniper junos os evolved/22.3-r1
- version/juniper junos os evolved/22.3-r1-s1
- version/juniper junos os evolved/22.3-r1-s2
- version/juniper junos os evolved/22.3-r2
- version/juniper junos os evolved/22.3-r2-s1
- version/juniper junos os evolved/22.3-r2-s2
- version/juniper junos os evolved/22.3-r3
- version/juniper junos os evolved/22.3-r3-s1
- version/juniper junos os evolved/22.3-r3-s2
- version/juniper junos os evolved/22.4
- version/juniper junos os evolved/22.4-r1
- version/juniper junos os evolved/22.4-r1-s1
- version/juniper junos os evolved/22.4-r1-s2
- version/juniper junos os evolved/22.4-r2
- version/juniper junos os evolved/22.4-r2-s1
- version/juniper junos os evolved/22.4-r2-s2
- version/juniper junos os evolved/22.4-r3
- version/juniper junos os evolved/22.4-r3-s1
- version/juniper junos os evolved/23.2
- version/juniper junos os evolved/23.2-r1
- version/juniper junos os evolved/23.2-r1-s1
- version/juniper junos os evolved/23.2-r1-s2
- version/juniper junos os evolved/23.4
- version/juniper junos os evolved/23.4-r1