CVE-2024-47496 — NULL Pointer Dereference in Networks Junos OS

CWE-476 — NULL Pointer Dereference4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 83.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedOct 11

Description

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * A…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os22.2 — 22.2R3-S5+5

▶NVDjuniper/junos< 21.4+6

🔴Vulnerability Details

GHSA

GHSA-v4c2-2gfg-qh3v: A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to↗2024-10-11

▶

CVEList

Junos OS: MX Series: The PFE will crash on running specific command↗2024-10-11

▶

📋Vendor Advisories

Juniper

CVE-2024-47496: A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to↗2024-10-11

▶