#VU98352 Allocation of resources without limits or throttling in Junos OS Evolved - CVE-2024-47502

Cybersecurity Help s.r.o.

Published: 2024-10-10

Vulnerability identifier: #VU98352

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-47502

CWE-ID: CWE-770

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Junos OS Evolved
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits or throttling error in the kernel. A remote non-authenticated attacker can cause a Denial of Service (DoS).

In specific cases the state of TCP sessions that are terminated is not cleared, which over time leads to an exhaustion of resources, preventing new connections to the control plane from being established.

A continuously increasing number of connections shown by:user@host > show system connectionsis indicative of the problem.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Junos OS Evolved: 21.4R1-EVO - 21.4R3-S8-EVO, 22.2-EVO - 22.2R3-S3-EVO, 22.4R1-EVO - 22.4R3-S2-EVO, 23.2R1-EVO - 23.2R2-EVO

External links
https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Allocation of resources without limits or throttling in Junos OS Evolved