An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.
When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.
This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.
This issue does not affect Junos OS releases earlier than 21.4R1.
References
| Link | Resource |
|---|---|
| http://supportportal.juniper.net/JSA79185 | Vendor Advisory |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | Issue Tracking |
| http://supportportal.juniper.net/JSA79185 | Vendor Advisory |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | Issue Tracking |
Configurations
Configuration 1 (hide)
| AND |
|
History
06 Feb 2025, 20:36
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-Other | |
| First Time |
Juniper ex4300-24p-s
Juniper ex4300-24p Juniper ex4300-48t-s Juniper ex4300-24t-s Juniper ex4300 Juniper ex4300-48p Juniper ex4300-48t Juniper ex4300-48t-afi Juniper ex4300-48p-s Juniper junos Juniper ex4300-32f-dc Juniper ex4300-32f-s Juniper ex4300-48t-dc-afi Juniper ex4300-48mp Juniper ex4300-48t-dc Juniper ex4300-32f Juniper ex4300-48mp-s Juniper ex4300-24t Juniper |
|
| References | () http://supportportal.juniper.net/JSA79185 - Vendor Advisory | |
| References | () https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N - Issue Tracking | |
| CPE | cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:* cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:* |
Information
Published : 2024-04-12 16:15
Updated : 2025-02-06 20:36
NVD link : CVE-2024-30389
Mitre link : CVE-2024-30389
CVE.ORG link : CVE-2024-30389
JSON object : View
Products Affected
juniper
- ex4300-32f
- ex4300-48p-s
- ex4300-48t-s
- ex4300-24p
- ex4300-32f-s
- ex4300-48t-dc
- ex4300-24t
- ex4300-48p
- ex4300
- ex4300-48t
- ex4300-48mp-s
- ex4300-24t-s
- ex4300-48t-afi
- ex4300-48t-dc-afi
- junos
- ex4300-32f-dc
- ex4300-48mp
- ex4300-24p-s
CWE