CVE-2024-47496
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).
When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.
This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series:
- All versions before 21.4R3-S9,
- from 22.2 before 22.2R3-S5,
- from 22.3 before 22.3R3-S4,
- from 22.4 before 22.4R3-S2,
- from 23.2 before 23.2R2-S1,
- from 23.4 before 23.4R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 0 < 21.4R3-S9 | affected |
| Juniper Networks | Junos OS | 22.2 < 22.2R3-S5 | affected |
| Juniper Networks | Junos OS | 22.3 < 22.3R3-S4 | affected |
| Juniper Networks | Junos OS | 22.4 < 22.4R3-S2 | affected |
| Juniper Networks | Junos OS | 23.2 < 23.2R2-S1 | affected |
| Juniper Networks | Junos OS | 23.4 < 23.4R2 | affected |
Weaknesses
- CWE-476: CWE-476 NULL Pointer Dereference
Workarounds
There are no known workarounds for this issue. Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.