CVE-2024-47496

MEDIUM EPSS 10.1%
Published Oct 11, 20241y ago · Modified Jun 17, 20262w ago
6.8 CVSS 4.0
Medium
Find Similar
Published Oct 11, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5,  * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2.

CVSS Details

Base Score
6.8
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
10.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 93

VendorProductVersionRange
juniperjunos* <21.4
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos21.4any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.2any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.3any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos22.4any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.2any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniperjunos23.4any
juniper2x100ge_\+_4x10ge_mpc5e*any
juniper2x100ge_\+_4x10ge_mpc5eq*any
juniper2x100ge_\+_8x10ge_mpc4e*any
juniper32x10ge_mpc4e*any
juniper6x40ge_\+_24x10ge_mpc5e*any
juniper6x40ge_\+_24x10ge_mpc5eq*any
junipermpc1*any
junipermpc1_q*any
junipermpc1e*any
junipermpc1e_q*any
junipermpc2*any
junipermpc2_eq*any
junipermpc2_q*any
junipermpc2e*any
junipermpc2e_eq*any
junipermpc2e_ng*any
junipermpc2e_ng_q*any
junipermpc2e_p*any
junipermpc2e_q*any
junipermpc3e*any
junipermpc3e-3d-ng*any
junipermpc3e-3d-ng-q*any
junipermpc6e*any
junipermpc7e-10g*any
junipermpc7e-mrate*any
junipermpc8e*any
junipermpc9e*any
junipermx2008*any
junipermx2010*any
junipermx240*any
junipermx480*any
junipermx960*any

References 1

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.