How severe is CVE-2024-30389?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2024-30389?

This is classified as CWE-696, which is a common weakness in software security.

CVE-2024-30389 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic. This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6. This issue does not affect Junos OS releases earlier than 21.4R1.

Related Vulnerabilities

CVE-2024-30410

MEDIUM

CVSS:5.8(Medium)

An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard t...

CWE-6962024

CVE-2021-22569

MEDIUM

CVSS:5.5(Medium)

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for...

CWE-6962021

CVE-2024-35229

MEDIUM

CVSS:5.3(Medium)

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern `f(a(),b()); check_if_a_executed_last()` in Yul that exposes...

CWE-6962024

CVE-2024-45157

MEDIUM

CVSS:5.1(Medium)

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not ...

CWE-6962024

CVE-2023-52968

MEDIUM

CVSS:4.9(Medium)

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_deriv...

CWE-6962023

CVE-2025-20012

MEDIUM

CVSS:4.9(Medium)

Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.

CWE-6962025