Improper Restriction of Communication Channel to Intended Endpoints Vulnerability Affects Junos OS Evolved
CVE-2024-47490

8.2HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os Evolved
Vendor: CVE Published:; 11 October 2024

Summary

The vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks' Junos OS Evolved on the ACX 7000 Series allows unauthenticated network-based attackers to exploit improper handling of specific transit MPLS packets. These packets are incorrectly forwarded to the Routing Engine, leading to resource exhaustion as continuous receipt causes an overload, ultimately resulting in Denial of Service (DoS). This vulnerability does not require MPLS configuration to be present and impacts multiple versions of the ACX 7000 Series.

Affected Version(s)

Junos OS Evolved ACX 7000 Series 0 < 21.4R3-S9-EVO

Junos OS Evolved ACX 7000 Series 22.2-EVO < 22.2R3-S4-EVO

Junos OS Evolved ACX 7000 Series 22.3-EVO < 22.3R3-S3-EVO

References

https://supportportal.juniper.net/JSA83009

vendor-advisory

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 11, 2024
Vulnerability Reserved
Sep 25, 2024

Collectors

NVD DatabaseMitre Database