What is CVE-2024-39545?

CVE-2024-39545 is a high-severity vulnerability in Juniper Junos, classified under Improper Check for Unusual or Exceptional Conditions. CVSS score: 7.5/10. Published 2024-07-11.

How severe is CVE-2024-39545?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2024-39545 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Juniper Junos

CVE-2024-39545

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending…

EPSS: 0.005 (38.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Junos — versions 21.2, 21.4, 22.1
Juniper Mx10004
Juniper Mx10008
Juniper Mx2008
Juniper Mx2010
Juniper Mx2020
Juniper Mx204
Juniper Mx240
Juniper Mx304
Juniper Mx480

Weakness classification (CWE)

CWE-754 — Improper Check for Unusual or Exceptional Conditions

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

sirt@juniper.net (vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2024-39545?: CVE-2024-39545 is a high-severity vulnerability in Juniper Junos, classified under Improper Check for Unusual or Exceptional Conditions. CVSS score: 7.5/10. Published 2024-07-11.
How severe is CVE-2024-39545?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2024-39545 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.