CVE-2024-30410: Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-30410

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.

Source: NVD (National Vulnerability Database)

Vulnerability Description

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter takes precedence over the revenue interface firewall filter. This issue affects only IPv6 firewall filter. This issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability. This issue affects Juniper Networks Junos OS: * All versions before 20.4R3-S10, * from 21.2 before 21.2R3-S7, * from 21.4 before 21.4R3-S6.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

不正确的行为次序

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 20.4R3-S10之前、21.2R3-S7之前、21.4R3-S6 之前版本存在安全漏洞，该漏洞源于 routing engine (RE) 中的行为顺序不正确，当在环回 (lo0) 接口中设置丢弃项时，允许发送至设备的流量到达 RE，而不是被丢弃。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos	0 ~ 20.4R3-S10	-

II. Public POCs for CVE-2024-30410

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-30410

Please Login to view more intelligence information

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:Ntechnical-description
https://supportportal.juniper.net/JSA79100vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-30410

IV. Related Vulnerabilities

Same vendor: Juniper Networks

Same weakness: CWE-696

V. Comments for CVE-2024-30410

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-30410

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-30410

III. Intelligence Information for CVE-2024-30410

IV. Related Vulnerabilities

V. Comments for CVE-2024-30410

Leave a comment