CVE-2024-39537 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2024-39537

Analyzed

More Info Official Page

Source-sirt@juniper.net

Published At-11 Jul, 2024 | 17:15

Updated At-22 Jan, 2026 | 18:29

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, specific processes which should only be able to communicate internally within the device can be reached over the network via open ports. This issue affects Junos OS Evolved on ACX 7000 Series: * All versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO.

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	6.9	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Type: Secondary

Version: 4.0

Base score: 6.9

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CPE Matches

Juniper Networks, Inc.

>>junos_os_evolved>>Versions before 21.4(exclusive)

cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>21.4

cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.2

cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.3

cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>22.4

cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>23.2

cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>23.2

cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>23.2

cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>23.2

cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*

Juniper Networks, Inc.

>>junos_os_evolved>>23.4

cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-923	Secondary	sirt@juniper.net

CWE ID: CWE-923

Type: Secondary

Source: sirt@juniper.net

References

Hyperlink	Source	Resource
https://supportportal.juniper.net/JSA82997	sirt@juniper.net	Vendor Advisory
https://supportportal.juniper.net/JSA82997	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory

Hyperlink: https://supportportal.juniper.net/JSA82997

Source: sirt@juniper.net

Resource:

Vendor Advisory

Hyperlink: https://supportportal.juniper.net/JSA82997

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory