Juniper Networks Junos OS
cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*
- < 21.2R3-S9
- >= 21.4, < 21.4R3-S10
- >= 22.2, < 22.2R3-S6
- >= 22.4, < 22.4R3-S6
- >= 23.2, < 23.2R2-S3
- >= 23.4, < 23.4R2-S4
- >= 24.2, < 24.2R2
A vulnerability allowing for denial-of-service (DoS) conditions has been identified in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved. This vulnerability arises from a signed-to-unsigned conversion error, which allows an unauthenticated adjacent attacker to send a specifically malformed LLDP TLV that causes the l2cpd process to crash and restart. The issue creates a sustained DoS condition, especially when an LLDP telemetry subscription is active, as the continued receipt and processing of the malformed packet repeatedly disrupts the l2cpd process.
Exploitation of this vulnerability leads to a crash of the l2cpd process, which then restarts, causing a temporary denial-of-service condition. However, the continued receipt and processing of the malformed LLDP TLV can create a sustained DoS condition, disrupting normal network operations.
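The affected ranges listed above can be checked against a device inventory. The following is an added example, not code from Juniper or from this page's publisher; it assumes versions have the shape MAJOR.MINOR[R<n>[-S<m>][.<build>]], and the hostnames and inventory values are constructed. Release fields are compared as integers so that S10 sorts after S9.

```python
import re

# Ranges copied from the list above: (lower bound or None, exclusive upper bound).
AFFECTED = [
    (None, "21.2R3-S9"),
    ("21.4", "21.4R3-S10"),
    ("22.2", "22.2R3-S6"),
    ("22.4", "22.4R3-S6"),
    ("23.2", "23.2R2-S3"),
    ("23.4", "23.4R2-S4"),
    ("24.2", "24.2R2"),
]

# Assumed version shape: MAJOR.MINOR[R<n>[-S<m>][.<build>]]; the build number is ignored.
_VERSION = re.compile(r"(\d+)\.(\d+)(?:R(\d+)(?:-S(\d+))?(?:\.\d+)?)?")


def parse_junos(version):
    """Return (major, minor, R, S) as integers; a missing R or S counts as 0."""
    m = _VERSION.fullmatch(version.strip())
    if m is None:
        # Other shapes (for example an -EVO suffix) are rejected rather than guessed at.
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


def is_affected(version):
    """True if the version lies inside one of the listed ranges, taken literally."""
    key = parse_junos(version)
    return any(
        (low is None or key >= parse_junos(low)) and key < parse_junos(upper)
        for low, upper in AFFECTED
    )


def audit(inventory):
    """Map each hostname to 'affected', 'not listed as affected' or 'unparsed'."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = "affected" if is_affected(version) else "not listed as affected"
        except ValueError:
            report[host] = "unparsed"
    return report


if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are sample values.
    sample = {"sw-a": "21.4R3-S9", "sw-b": "21.4R3-S10", "sw-c": "22.4R3-S6-EVO"}
    for host, status in audit(sample).items():
        print(host, status)
```

Release trains that the list does not mention (22.1, for instance) fall outside every range as written, so the check reports them as not listed rather than as safe.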