PT-2024-7202 · Juniper Networks · Junos
Published
2024-10-09
·
Updated
2026-01-26
·
CVE-2024-47506
CVSS v4.0
8.2
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:X |
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 21.3R3-S1
Junos OS versions 21.4 prior to 21.4R3
Junos OS versions 22.1 prior to 22.1R2
Junos OS versions 22.2 prior to 22.2R1-S2, 22.2R2
Description
A deadlock in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series can be exploited by an unauthenticated, network-based attacker to cause a Denial of Service (DoS). This occurs when a large amount of traffic is processed by ATP Cloud inspection, potentially resulting in a PFE crash and restart. The crash is dependent on system internal timing, which is outside the attacker's control.
Recommendations
For versions prior to 21.3R3-S1, update to version 21.3R3-S1 or later.
For versions 21.4 prior to 21.4R3, update to version 21.4R3 or later.
For versions 22.1 prior to 22.1R2, update to version 22.1R2 or later.
For versions 22.2 prior to 22.2R1-S2, 22.2R2, update to version 22.2R1-S2, 22.2R2 or later.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos