CVE-2024-47503

EPSS 0.06%
Published 11.10.2024 16:15:11
Last modified 15.10.2024 12:58:51
Source sirt@juniper.net
Teams watchlist Login
Open Login

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS).

If in a multicast scenario a sequence of 

specific PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption.
This issue affects Junos OS on SRX 4600 and SRX 5000 Series:



  *  All versions before 21.4R3-S9,
  *  22.2 versions before 22.2R3-S5,
  *  22.3 versions before 22.3R3-S4,
  *  22.4 versions before 22.4R3-S4,
  *  23.2 versions before 23.2R2-S2,
  *  23.4 versions before 23.4R2, 
  *  24.2 versions before 24.2R1-S1, 24.2R2.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorJuniper Networks

≫

Product Junos OS

Default Statusunaffected

Version < 21.4R3-S9

Version 0

Status affected

Version < 22.2R3-S5

Version 22.2

Status affected

Version < 22.3R3-S4

Version 22.3

Status affected

Version < 22.4R3-S4

Version 22.4

Status affected

Version < 23.2R2-S2

Version 23.2

Status affected

Version < 23.4R2

Version 23.4

Status affected

Version < 24.2R1-S1, 24.2R2

Version 24.2

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.195

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
sirt@juniper.net	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
sirt@juniper.net	7.1	0	0	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://supportportal.juniper.net/JSA88133

https://nvd.nist.gov/vuln/detail/CVE-2024-47503

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-47503

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-47503

EUVD