Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-47493— Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash

CVSS 6.5 · Medium EPSS 0.03% · P9
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-47493

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash
Source: NVD (National Vulnerability Database)
Vulnerability Description
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes local FPC to eventually run out of memory and crash.   Below CLI command can be used to check the memory usage over a period of time:   user@host> show chassis fpc                 Temp CPU Utilization (%)   CPU Utilization (%) Memory   Utilization (%)   Slot State     (C)  Total  Interrupt     1min   5min   15min DRAM (MB) Heap     Buffer   0 Online       43     41         2                           2048       49         14   1 Online       43     41         2                           2048       49         14   2 Online       43     41         2                           2048       49         14 This issue affects Junos OS on MX Series:  * All versions before 21.2R3-S7,  * from 21.4 before 21.4R3-S6,  * from 22.1 before 22.1R3-S5,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S2,  * from 22.4 before 22.4R3,  * from 23.2 before 23.2R2,  * from 23.4 before 23.4R2.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Networks Junos OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS存在安全漏洞,该漏洞源于每个物理接口翻转操作都会泄漏堆内存。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 0 ~ 21.2R3-S7 -

II. Public POCs for CVE-2024-47493

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-47493

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2024-10-11 · 25 CVEs total

CVE-2024-474908.2 HIGHJunos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resourc
CVE-2024-475047.5 HIGHJunos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash
CVE-2024-475027.5 HIGHJunos OS Evolved: TCP session state is not always cleared on the Routing Engine leading to
CVE-2024-395477.5 HIGHJunos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU u
CVE-2024-474997.5 HIGHJunos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute
CVE-2024-474977.5 HIGHJunos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffi
CVE-2024-395637.3 HIGHJunos Space: Remote Command Execution (RCE) vulnerability in web application
CVE-2024-474956.7 MEDIUMJunos OS Evolved: In a dual-RE scenario a locally authenticated attacker with shell privil
CVE-2024-395266.5 MEDIUMJunos OS and Junos OS Evolved: MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Serie
CVE-2024-475096.5 MEDIUMJunos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a
CVE-2024-475086.5 MEDIUMJunos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a
CVE-2024-475056.5 MEDIUMJunos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a
CVE-2024-475036.5 MEDIUMJunos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd cras
CVE-2024-474986.5 MEDIUMJunos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effec
CVE-2024-475065.9 MEDIUMJunos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a
CVE-2024-474915.9 MEDIUMJunos OS and Junos OS Evolved: Receipt of a specific malformed BGP path attribute leads to
CVE-2024-474945.9 MEDIUMJunos OS: Due to a race condition AgentD process causes a memory corruption and FPC reset
CVE-2024-474895.8 MEDIUMJunos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly
CVE-2024-475075.8 MEDIUMJunos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an
CVE-2024-474965.5 MEDIUMJunos OS: MX Series: The PFE will crash on running specific command

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Junos OS
Same vendor: Juniper Networks
Same weakness: CWE-401

V. Comments for CVE-2024-47493

No comments yet

Leave a comment