CVE-2025-30651

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-30651
A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a specific ICMPv6 packet to an interface with "protocols router-advertisement" configured, rpd crashes and restarts. Continued receipt of this packet will cause a sustained DoS condition.  This issue only affects systems configured with IPv6. This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S2, * from 23.4 before 23.4R2; and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S4-EVO, * from 23.2-EVO before 23.2R2-S2-EVO, * from 23.4-EVO before 23.4R2-EVO.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://supportportal.juniper.net/JSA96461
Configurations

No configuration.

History

11 Apr 2025, 15:40

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de acceso al búfer con valor de longitud incorrecto en el demonio del protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado, basado en la red, provoque una denegación de servicio (DoS). Cuando un atacante envía un paquete ICMPv6 específico a una interfaz con la configuración "protocols router-advertisement", rpd se bloquea y se reinicia. La recepción continua de este paquete provocará una denegación de servicio (DoS) sostenida. Este problema solo afecta a sistemas configurados con IPv6. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.2R3-S9, * desde 21.4 hasta 21.4R3-S10, * desde 22.2 hasta 22.2R3-S6, * desde 22.4 hasta 22.4R3-S4, * desde 23.2 hasta 23.2R2-S2, * desde 23.4 hasta 23.4R2. y Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S9-EVO, * desde 21.4-EVO hasta 21.4R3-S10-EVO, * desde 22.2-EVO hasta 22.2R3-S6-EVO, * desde 22.4-EVO hasta 22.4R3-S4-EVO, * desde 23.2-EVO hasta 23.2R2-S2-EVO, * desde 23.4-EVO hasta 23.4R2-EVO.

09 Apr 2025, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-09 20:15

Updated : 2025-04-11 15:40

NVD link : CVE-2025-30651

Mitre link : CVE-2025-30651

CVE.ORG link : CVE-2025-30651

JSON object : View

Products Affected

No product.

CWE
CWE-805

Buffer Access with Incorrect Length Value