Improper Check or Handling of Exceptional Conditions in Junos OS Evolved - CVE-2024-47489
Published: October 11, 2024
Vulnerability identifier: #VU98395
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-47489
CWE-ID: CWE-703
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Junos OS Evolved
Junos OS Evolved
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of transit protocol packets causes DDoS protection violations, resulting in protocol flaps which can affect connectivity to networking devices.
How to mitigate CVE-2024-47489
Install updates from vendor's website.