CVE-2024-47497

Oct 12, 2024

Published Date: 2024-10-11T16:15:10.340

Last Modified: 2024-10-11T16:15:10.340

CVSS Score: 7.5 (HIGH)

EPSS Score: 0.05%

Risk Score: 5.25 (HIGH)

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.

CVSS: 7.5 | EPSS: 0.05%

NVD Links:

https://nvd.nist.gov/vuln/detail/CVE-2024-47497

Description: An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS).

An attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated. Over time, this leads to resource exhaustion, ultimately causing the device to crash and restart.

The following command can be used to monitor the resource usage:
user@host> show system processes extensive | match mgd | count

This issue affects Junos OS on SRX Series and EX Series:
All versions before 21.4R3-S7,
from 22.2 before 22.2R3-S4,
from 22.3 before 22.3R3-S3,
from 22.4 before 22.4R3-S2,
from 23.2 before 23.2R2-S1,
from 23.4 before 23.4R1-S2, 23.4R2.

Mitre ATT&CK Technical v15.1

T1153 – Source
T1053.002 – At

Technical Analysis & Mitigation Measures

1. Technical Attack Analysis:
– Attack Techniques :
– Uncontrolled Resource Consumption : The vulnerability allows an attacker to exploit the http daemon by sending specially crafted HTTPS requests. This leads to the creation of processes that are not terminated correctly, resulting in resource exhaustion.
– Denial-of-Service (DoS) : The exploitation of this vulnerability can lead to a Denial-of-Service scenario, where legitimate users are unable to access the affected services due to the device being overwhelmed and crashing.

– Possible Outcomes of Exploitation :
– Service Disruption : Users may experience downtime and inability to access network resources, impacting business operations.
– Reputation Damage : Frequent outages or service interruptions can lead to loss of customer trust and potential reputational damage.
– Increased Operational Costs : Recovery from DoS incidents may require additional resources and time, leading to increased operational costs.
– Potential for Further Exploitation : While this specific vulnerability leads to a DoS condition, the distraction it creates may allow attackers to exploit other vulnerabilities within the same system or network.

2. Mitigation Measures:
– Upgrade Junos OS to the latest version that addresses the vulnerability.
– Implement rate limiting on incoming HTTPS requests to prevent resource exhaustion.
– Configure firewall rules to restrict access to the http daemon from untrusted sources.
– Monitor system resource usage to identify unusual patterns indicative of exploitation attempts.
– Deploy intrusion detection systems (IDS) to alert on abnormal traffic patterns.
– Conduct regular vulnerability assessments and penetration testing to identify and remediate potential weaknesses.
– Educate staff on security best practices and the importance of timely updates.

The content above is generated by AI. Please review and consider carefully before applying!

Reference Links

https://supportportal.juniper.net/

Vendor - Produce - Version

None

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.