CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash

🗓️ 11 Oct 2024 15:24:02Reported by juniperType

Missing release of memory vulnerability in Junos OS allows unauthenticated attacker to cause DoS by continuous physical interface flaps, leading to local FPC crash. Versions affected: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R2

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the Packet Forwarding Engine (PFE) module of Juniper Networks’ Junos OS allows a hacker to trigger a service failure.	23 Oct 202400:00	–	bdu_fstec
CNNVD	Juniper Networks Junos OS 安全漏洞	11 Oct 202400:00	–	cnnvd
CVE	CVE-2024-47493	11 Oct 202415:24	–	cve
EUVD	EUVD-2024-42497	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA88119)	9 Oct 202400:00	–	nessus
NVD	CVE-2024-47493	11 Oct 202416:15	–	nvd
OSV	CVE-2024-47493	11 Oct 202416:15	–	osv
Positive Technologies	PT-2024-7132	25 Sep 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash	11 Oct 202415:24	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "MX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.2R3-S7",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S6",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S5",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R2",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
juniper	www.juniper.net/documentation/us/en/software/junos/interfaces-link-multilink/topics/topic-map/link-multilink-services-understanding.html
supportportal	www.supportportal.juniper.net/

08 Nov 2024 17:17Current

CVSS 3.16.5

CVSS 47.1

EPSS0.00355

CWE-401

missing release of memory dos junos os fpc crash vulnerability denial of service continuous interface flaps 21.2r3-s7 21.4r3-s6 22.1r3-s5 22.2r3-s3 22.3r3-s2 22.4r3 23.2r2 23.4r2