CVE-2024-39534

CVSS v3 Score: 5.4 (Medium)

Vulnerability Description

An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. This is unintended and unexpected behavior and can allow an attacker to bypass certain compensating controls, such as stateless firewall filters.

This issue affects Junos OS Evolved:

* All versions before 21.4R3-S8-EVO,
* 22.2-EVO before 22.2R3-S4-EVO,
* 22.3-EVO before 22.3R3-S4-EVO,
* 22.4-EVO before 22.4R3-S3-EVO,
* 23.2-EVO before 23.2R2-S1-EVO,
* 23.4-EVO before 23.4R1-S2-EVO, 23.4R2-EVO.

CVSS:5.5(Medium)

A child process can leak information from the parent process because numeric PIDs are compared and these PIDs can be reused in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon ...

CVSS:5.5(Medium)

A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (d...

CVSS:5.5(Medium)

A segmentation fault caused by a floating point exception exists in GPAC through 1.0.1 using MP4Box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.

CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info->size_goal - skb->len > 0 ev...

CVSS:5.5(Medium)

In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.

CVSS:5.5(Medium)

JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl.