CVE-2024-47504

Oct 12, 2024

Published Date: 2024-10-11T16:15:11.900
Last Modified: 2024-10-11T16:15:11.900

CVSS Score: 7.5 (HIGH)

EPSS Score: 0.05%

Risk Score: 5.25 (HIGH)

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.

Meter Needle
CVSS: 7.5  |  EPSS: 0.05%
NVD Links:

Description: An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).

When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.

This issue affects Junos OS:

* 22.1 releases 22.1R1 and later before 22.2R3-S5,
* 22.3 releases before 22.3R3-S4,
* 22.4 releases before 22.4R3-S4,
* 23.2 releases before 23.2R2-S2,
* 23.4 releases before 23.4R2-S1,
* 24.2 releases before 24.2R1-S1, 24.2R2.

Please note that the PR does indicate that earlier versions have been fixed as well, but these won’t be adversely impacted by this.

Mitre ATT&CK Technical v15.1

T1053.002 – At

Technical Analysis & Mitigation Measures

1. Technical Attack Analysis:
– Attackers can exploit CVE-2024-47504 by sending specifically crafted packets to the vulnerable Junos OS devices, targeting the packet forwarding engine (pfe).
– Successful exploitation leads to a Denial of Service (DoS) condition as the flowd process crashes and subsequently restarts, disrupting normal network operations.
– The attack can be executed remotely, requiring no authentication, allowing unauthenticated attackers to target devices exposed to the network.
– Potential outcomes include loss of service availability for legitimate users, increased response time for network resources, and possible cascading failures in network services dependent on the affected device.
– If the attack is sustained, it could lead to prolonged downtime, impacting business operations and potentially resulting in financial loss or reputational damage.

2. Mitigation Measures:
– Upgrade to a patched version of Junos OS as specified in the vulnerability description.
– Implement network access controls to restrict traffic to the affected devices.
– Utilize intrusion detection systems (IDS) to monitor for malicious packet patterns.
– Configure firewalls to block malformed packets targeting the SRX5000 series devices.
– Regularly audit and review network device configurations for vulnerabilities.
– Segment network traffic to minimize the impact of a DoS attack.
– Monitor system logs for unusual activity or repeated crashes of the flowd process.
– Educate network personnel on the nature of the vulnerability and response procedures.

The content above is generated by AI. Please review and consider carefully before applying!

Reference Links

Vendor - Produce - Version

None

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.