CVE-2024-47491

Oct 12, 2024

Published Date: 2024-10-11T16:15:09.060
Last Modified: 2024-10-11T16:15:09.060

CVSS Score: 7.5 (HIGH)

EPSS Score: N/A

Risk Score: N/A

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.

Meter Needle
CVSS: 7.5  |  EPSS: 0%
NVD Links:

Description: An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause Denial of Service (DoS).

When a BGP UPDATE with malformed path attribute is received over an established BGP session, rpd crashes and restarts.

Continuous receipt of a BGP UPDATE with a specifically malformed path attribute will create a sustained Denial of Service (DoS) condition for impacted devices.

This issue affects:

 Juniper Networks Junos OS: 

* All versions before 21.4R3-S8, 
* from 22.2 before 22.2R3-S4, 
* from 22.4 before 22.4R3-S3, 
* from 23.2 before 23.2R2-S1, 
* from 23.4 before 23.4R1-S2, 23.4R2.

 Juniper Networks Junos OS Evolved: 

* All versions before 21.4R3-S8-EVO,
* from 22.2 before 22.2R3-S4-EVO,
* from 22.4 before 22.4R3-S3-EVO,
* from 23.2 before 23.2R2-S1-EVO,
* from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.

Mitre ATT&CK Technical v15.1

T1053.002 – At

Technical Analysis & Mitigation Measures

1. Technical Attack Analysis:
– Attack Techniques :
– T1053.002 – Scheduled Task/Job: Cron : This attack technique involves exploiting the ability to schedule tasks or jobs on a system. In the context of CVE-2024-47491, an attacker can craft malformed BGP UPDATE messages that are sent to the Routing Protocol Daemon (rpd), which can trigger a crash and cause the device to restart.
– Denial of Service (DoS) : The exploitation of this vulnerability can lead to a sustained denial of service condition on affected devices, as the continuous receipt of malformed BGP UPDATEs will cause the rpd to repeatedly crash and restart, disrupting network operations and potentially causing outages.

– Possible Outcomes of Exploitation :
– Network Disruption : Affected devices will be unable to process legitimate BGP traffic, leading to potential routing issues and loss of network connectivity.
– Service Interruption : Continuous exploitation can lead to a complete failure of routing functionalities, affecting all services reliant on the network infrastructure.
– Increased Attack Surface : The downtime from the DoS can expose the network to further attacks, as other vulnerabilities may be exploited during the period when systems are in an unstable state.

2. Mitigation Measures:
– Update Junos OS to versions 21.4R3-S8 or later.
– Update Junos OS Evolved to versions 21.4R3-S8-EVO or later.
– Implement rate limiting on BGP sessions to control the frequency of updates.
– Use BGP session authentication to prevent unauthorized updates.
– Monitor BGP traffic for unusual patterns that may indicate exploitation attempts.
– Isolate critical devices from untrusted networks to reduce exposure risk.
– Conduct regular security assessments and vulnerability scans on network devices.
– Ensure logging and alerting are enabled for BGP sessions to detect anomalies.

The content above is generated by AI. Please review and consider carefully before applying!

Reference Links

Vendor - Produce - Version

None

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.