CVE-2024-47496

Junos OS: MX Series: The PFE will crash on running specific command

Description

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2.

INFO

Published Date :

2024-10-11T15:28:13.727Z

Last Modified :

2024-10-11T17:42:39.299Z

Source :

juniper

AFFECTED PRODUCTS

The following products are affected by CVE-2024-47496 vulnerability.

Vendors	Products
Juniper	2x100ge \+ 4x10ge Mpc5e 2x100ge \+ 4x10ge Mpc5eq 2x100ge \+ 8x10ge Mpc4e 32x10ge Mpc4e 6x40ge \+ 24x10ge Mpc5e 6x40ge \+ 24x10ge Mpc5eq Junos Mpc1 Mpc1 Q Mpc1e Mpc1e Q Mpc2 Mpc2 Eq Mpc2 Q Mpc2e Mpc2e Eq Mpc2e Ng Mpc2e Ng Q Mpc2e P Mpc2e Q Mpc3e Mpc3e-3d-ng Mpc3e-3d-ng-q Mpc6e Mpc7e-10g Mpc7e-mrate Mpc8e Mpc9e Mx2008 Mx2010 Mx240 Mx480 Mx960
Juniper Networks	Junos Os

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47496.

URL	Resource
https://supportportal.juniper.net/

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact