CVE-2024-47489 — Improper Handling of Exceptional Conditions in Networks Junos OS Evolved

CWE-755 — Improper Handling of Exceptional Conditions4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.1%

top 77.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Evolved Juniper Junos OS Evolved

Timeline

PublishedOct 11

Description

An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. T…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:L

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os_evolved22.2 — 22.2R3-S4-EVO+6

▶NVDjuniper/junos_os_evolved< 21.4+7

🔴Vulnerability Details

CVEList

Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE↗2024-10-11

▶

GHSA

GHSA-3x4w-v43m-f5m7: An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Ser↗2024-10-11

▶

📋Vendor Advisories

Juniper

CVE-2024-47489: An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Ser↗2024-10-11

▶