Denial of service in Junos OS Evolved pfe on ACX series



Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-47489
CWE-ID CWE-703
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Junos OS Evolved
Operating systems & Components / Operating system

Vendor Juniper Networks, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper Check or Handling of Exceptional Conditions

EUVDB-ID: #VU98395

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-47489

CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of transit protocol packets causes DDoS protection violations, resulting in protocol flaps which can affect connectivity to networking devices.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Junos OS Evolved: 21.4R1-EVO - 23.2R1-S2-EVO

CPE2.3 External links

https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-Series-Receipt-of-specific-transit-protocol-packets-is-incorrectly-processed-by-the-RE-CVE-2024-47489


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###