CVE-2024-39533 (GCVE-0-2024-39533)

Vulnerability from cvelistv5 – Published: 2024-07-11 16:08 – Updated: 2024-08-02 04:26
VLAI?
Title
Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used
Summary
An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions ip-source-address ip-destination-address arp-type which are not supported for this type of filter, are used in an ethernet switching filter, and then this filter is applied as an output filter, the configuration can be committed but the filter will not be in effect. This issue affects Junos OS on QFX5000 Series and EX4600 Series: * All version before 21.2R3-S7,  * 21.4 versions before 21.4R3-S6, * 22.1 versions before 22.1R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S2,  * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2. Please note that the implemented fix ensures these unsupported match conditions cannot be committed anymore.
Severity ?
5.8 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
6.9 (Medium)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
CWE
  • CWE-447 - Unimplemented or Unsupported Feature in UI
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 0 , < 21.2R3-S7 (semver)
Affected: 21.4 , < 21.4R3-S6 (semver)
Affected: 22.1 , < 22.1R3-S5 (semver)
Affected: 22.2 , < 22.2R3-S3 (semver)
Affected: 22.3 , < 22.3R3-S2 (semver)
Affected: 22.4 , < 22.4R3 (semver)
Affected: 23.2 , < 23.2R2 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "junos_os",
            "vendor": "juniper",
            "versions": [
              {
                "lessThan": "21.2r3-s7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "21.4r3-s6",
                "status": "affected",
                "version": "21.4",
                "versionType": "custom"
              },
              {
                "lessThan": "221r3--s5",
                "status": "affected",
                "version": "22.1",
                "versionType": "custom"
              },
              {
                "lessThan": "22.2r3-s2",
                "status": "affected",
                "version": "22.2",
                "versionType": "custom"
              },
              {
                "lessThan": "22.3r3-s2",
                "status": "affected",
                "version": "22.3",
                "versionType": "custom"
              },
              {
                "lessThan": "22.4r3",
                "status": "affected",
                "version": "22.4",
                "versionType": "custom"
              },
              {
                "lessThan": "23.2r2",
                "status": "affected",
                "version": "23.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39533",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T17:43:31.828045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T16:44:06.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:15.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA82993"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "QFX5000 Series",
            "EX4600 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.2R3-S7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S6",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S5",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S3",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S2",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following shows an example of such an affected filter:\u003cbr\u003e\u003ctt\u003e[ firewall family ethernet-switching filter \u0026lt;filter\u0026gt; term \u0026lt;term\u0026gt; from \n\nip-source-address\n\n ... ]\u003cbr\u003e[ interfaces \u0026lt;interface\u0026gt; unit \u0026lt;unit\u0026gt; family ethernet-switching filter output \u0026lt;filter\u0026gt; ]\u003c/tt\u003e"
            }
          ],
          "value": "The following shows an example of such an affected filter:\n[ firewall family ethernet-switching filter \u003cfilter\u003e term \u003cterm\u003e from \n\nip-source-address\n\n ... ]\n[ interfaces \u003cinterface\u003e unit \u003cunit\u003e family ethernet-switching filter output \u003cfilter\u003e ]"
        }
      ],
      "datePublic": "2024-07-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.\u003cp\u003eIf one or more of the following match conditions\u003c/p\u003e\u003ctt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eip-source-address\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003ctt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eip-destination-address\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003ctt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003earp-type\u003c/span\u003e\u003c/tt\u003e\n\n\u003cp\u003ewhich are not supported for this type of filter, are used in an \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eethernet switching \u003c/span\u003efilter,\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eand then this filter is applied as an output filter, the configuration can be committed but the filter will not be in effect.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS on QFX5000 Series and EX4600 Series:\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll version before 21.2R3-S7,\u0026nbsp;\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S6,\u003c/li\u003e\u003cli\u003e22.1 versions before 22.1R3-S5,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S3,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3-S2,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePlease note that the implemented fix ensures these unsupported match conditions cannot be committed anymore.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions\n\nip-source-address\nip-destination-address\narp-type\n\nwhich are not supported for this type of filter, are used in an ethernet switching filter,\u00a0and then this filter is applied as an output filter, the configuration can be committed but the filter will not be in effect.\n\n\n\n\nThis issue affects Junos OS on QFX5000 Series and EX4600 Series:\n\n  *  All version before 21.2R3-S7,\u00a0\n  *  21.4 versions before 21.4R3-S6,\n  *  22.1 versions before 22.1R3-S5,\n  *  22.2 versions before 22.2R3-S3,\n  *  22.3 versions before 22.3R3-S2,\u00a0\n  *  22.4 versions before 22.4R3,\n  *  23.2 versions before 23.2R2.\n\n\n\nPlease note that the implemented fix ensures these unsupported match conditions cannot be committed anymore."
        }
      ],
      "exploits": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-447",
              "description": "CWE-447 Unimplemented or Unsupported Feature in UI",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-11T16:08:29.431Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA82993"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases.\u003cbr\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA82993",
        "defect": [
          "1761884"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-39533",
    "datePublished": "2024-07-11T16:08:29.431Z",
    "dateReserved": "2024-06-25T15:12:53.241Z",
    "dateUpdated": "2024-08-02T04:26:15.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-39533\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-11T17:43:31.828045Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*\"], \"vendor\": \"juniper\", \"product\": \"junos_os\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.2r3-s7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4r3-s6\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"221r3--s5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2r3-s2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3r3-s2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4r3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2r2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-11T17:44:49.845Z\"}}], \"cna\": {\"title\": \"Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used\", \"source\": {\"defect\": [\"1761884\"], \"advisory\": \"JSA82993\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.9, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.2R3-S7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4R3-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"22.1R3-S5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2R3-S3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3R3-S2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2\", \"versionType\": \"semver\"}], \"platforms\": [\"QFX5000 Series\", \"EX4600 Series\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"eng\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases.\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-07-10T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA82993\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions\\n\\nip-source-address\\nip-destination-address\\narp-type\\n\\nwhich are not supported for this type of filter, are used in an ethernet switching filter,\\u00a0and then this filter is applied as an output filter, the configuration can be committed but the filter will not be in effect.\\n\\n\\n\\n\\nThis issue affects Junos OS on QFX5000 Series and EX4600 Series:\\n\\n  *  All version before 21.2R3-S7,\\u00a0\\n  *  21.4 versions before 21.4R3-S6,\\n  *  22.1 versions before 22.1R3-S5,\\n  *  22.2 versions before 22.2R3-S3,\\n  *  22.3 versions before 22.3R3-S2,\\u00a0\\n  *  22.4 versions before 22.4R3,\\n  *  23.2 versions before 23.2R2.\\n\\n\\n\\nPlease note that the implemented fix ensures these unsupported match conditions cannot be committed anymore.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.\u003cp\u003eIf one or more of the following match conditions\u003c/p\u003e\u003ctt\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eip-source-address\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003ctt\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eip-destination-address\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\u003ctt\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003earp-type\u003c/span\u003e\u003c/tt\u003e\\n\\n\u003cp\u003ewhich are not supported for this type of filter, are used in an \u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eethernet switching \u003c/span\u003efilter,\u0026nbsp;\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eand then this filter is applied as an output filter, the configuration can be committed but the filter will not be in effect.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS on QFX5000 Series and EX4600 Series:\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll version before 21.2R3-S7,\u0026nbsp;\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S6,\u003c/li\u003e\u003cli\u003e22.1 versions before 22.1R3-S5,\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S3,\u003c/li\u003e\u003cli\u003e22.3 versions before 22.3R3-S2,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003ePlease note that the implemented fix ensures these unsupported match conditions cannot be committed anymore.\u003c/span\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"eng\", \"type\": \"CWE\", \"cweId\": \"CWE-447\", \"description\": \"CWE-447 Unimplemented or Unsupported Feature in UI\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"The following shows an example of such an affected filter:\\n[ firewall family ethernet-switching filter \u003cfilter\u003e term \u003cterm\u003e from \\n\\nip-source-address\\n\\n ... ]\\n[ interfaces \u003cinterface\u003e unit \u003cunit\u003e family ethernet-switching filter output \u003cfilter\u003e ]\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following shows an example of such an affected filter:\u003cbr\u003e\u003ctt\u003e[ firewall family ethernet-switching filter \u0026lt;filter\u0026gt; term \u0026lt;term\u0026gt; from \\n\\nip-source-address\\n\\n ... ]\u003cbr\u003e[ interfaces \u0026lt;interface\u0026gt; unit \u0026lt;unit\u0026gt; family ethernet-switching filter output \u0026lt;filter\u0026gt; ]\u003c/tt\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2024-07-11T16:08:29.431Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-39533\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-07-12T16:44:06.065Z\", \"dateReserved\": \"2024-06-25T15:12:53.241Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2024-07-11T16:08:29.431Z\", \"assignerShortName\": \"juniper\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.