How severe is CVE-2024-30403?

This vulnerability has a severity rating of HIGH with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2024-30403?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-30403 - HIGH Severity | CVSS 6.5

Vulnerability Description

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process, the interface flaps, an Advanced Forwarding Toolkit manager (evo-aftmand-bt) core is observed. This leads to a PFE restart. The crash reoccurs if the same sequence of events happens, which will lead to a sustained DoS condition. This issue affects Juniper Networks Junos OS Evolved 23.2-EVO versions earlier than 23.2R1-S1-EVO, 23.2R2-EVO.

Related Vulnerabilities

CVE-2011-1802

MEDIUM

CVSS:6.5(Medium)

WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption).

CWE-4762011

CVE-2011-2691

MEDIUM

CVSS:6.5(Medium)

The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empt...

CWE-4762011

CVE-2015-8272

MEDIUM

CVSS:6.5(Medium)

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

CWE-4762015

CVE-2015-8750

MEDIUM

CVSS:6.5(Medium)

libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.

CWE-4762015

CVE-2015-8916

MEDIUM

CVSS:6.5(Medium)

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NUL...

CWE-4762015

CVE-2016-10505

MEDIUM

CVSS:6.5(Medium)

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in ...

CWE-4762016