PT-2024-7150 · Juniper Networks · Junos+1
Published
2024-09-25
·
Updated
2024-10-16
·
CVE-2024-47499
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:X |
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 21.2R3-S8
Junos OS versions 21.4 prior to 21.4R3-S8
Junos OS versions 22.2 prior to 22.2R3-S4
Junos OS versions 22.3 prior to 22.3R3-S3
Junos OS versions 22.4 prior to 22.4R3-S2
Junos OS versions 23.2 prior to 23.2R2-S1
Junos OS versions 23.4 prior to 23.4R1-S2, 23.4R2
Junos OS Evolved versions prior to 21.2R3-S8-EVO
Junos OS Evolved versions 21.4 prior to 21.4R3-S8-EVO
Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO
Junos OS Evolved versions 22.3 prior to 22.3R3-S3-EVO
Junos OS Evolved versions 22.4 prior to 22.4R3-S2-EVO
Junos OS Evolved versions 23.2 prior to 23.2R2-S1-EVO
Junos OS Evolved versions 23.4 prior to 23.4R1-S2-EVO, 23.4R2-EVO
Description
The issue is related to an improper check for unusual or exceptional conditions in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved. This can be exploited by an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Specifically, if BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a malformed AS PATH attribute over an established BGP session can cause the RPD to crash and restart.
Recommendations
For Junos OS versions prior to 21.2R3-S8, update to version 21.2R3-S8 or later.
For Junos OS versions 21.4 prior to 21.4R3-S8, update to version 21.4R3-S8 or later.
For Junos OS versions 22.2 prior to 22.2R3-S4, update to version 22.2R3-S4 or later.
For Junos OS versions 22.3 prior to 22.3R3-S3, update to version 22.3R3-S3 or later.
For Junos OS versions 22.4 prior to 22.4R3-S2, update to version 22.4R3-S2 or later.
For Junos OS versions 23.2 prior to 23.2R2-S1, update to version 23.2R2-S1 or later.
For Junos OS versions 23.4 prior to 23.4R1-S2, 23.4R2, update to version 23.4R1-S2 or later.
For Junos OS Evolved versions prior to 21.2R3-S8-EVO, update to version 21.2R3-S8-EVO or later.
For Junos OS Evolved versions 21.4 prior to 21.4R3-S8-EVO, update to version 21.4R3-S8-EVO or later.
For Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO, update to version 22.2R3-S4-EVO or later.
For Junos OS Evolved versions 22.3 prior to 22.3R3-S3-EVO, update to version 22.3R3-S3-EVO or later.
For Junos OS Evolved versions 22.4 prior to 22.4R3-S2-EVO, update to version 22.4R3-S2-EVO or later.
For Junos OS Evolved versions 23.2 prior to 23.2R2-S1-EVO, update to version 23.2R2-S1-EVO or later.
For Junos OS Evolved versions 23.4 prior to 23.4R1-S2-EVO, 23.4R2-EVO, update to version 23.4R1-S2-EVO or later.
Fix
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos
Junos Evolved