PT-2024-7138 · Juniper Networks · Junos
Published: 2024-09-25 · Updated: 2026-01-26 · CVE-2024-47504
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
Name of the Vulnerable Software and Affected Versions
Junos OS versions 22.1R1 through 22.2R3-S4
Junos OS versions 22.3 through 22.3R3-S3
Junos OS versions 22.4 through 22.4R3-S3
Junos OS versions 23.2 through 23.2R2-S1
Junos OS versions 23.4 through 23.4R2
Junos OS versions 24.2 through 24.2R2
Description
An Improper Validation of Specified Type of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Sending a specifically malformed packet can cause flowd to crash and restart on a non-clustered SRX5000 device.
Recommendations
For Junos OS versions 22.1R1 through 22.2R3-S4, update to version 22.2R3-S5 or later.
For Junos OS versions 22.3 through 22.3R3-S3, update to version 22.3R3-S4 or later.
For Junos OS versions 22.4 through 22.4R3-S3, update to version 22.4R3-S4 or later.
For Junos OS versions 23.2 through 23.2R2-S1, update to version 23.2R2-S2 or later.
For Junos OS versions 23.4 through 23.4R2, update to version 23.4R2-S1 or later.
For Junos OS versions 24.2 through 24.2R2, update to version 24.2R1-S1 or later.
Fix
DoS
Affected Products
Junos