Allocation of Resources Without Limits or Throttling Vulnerability
CVE-2024-47502

7.5 HIGH

Key Information:

Vendor
CVE Published: 11 October 2024

Summary

An Allocation of Resources Without Limits or Throttling vulnerability exists in the kernel of Juniper Networks Junos OS Evolved. An unauthenticated, network-based attacker may exploit this flaw to cause a Denial of Service (DoS) by exhausting the resources available for new connections to the control plane. Affected TCP sessions are not properly cleared when they terminate, so the resource depletion builds up over time. The issue is limited to IPv4 traffic and only affects TCP sessions established in-band via an interface on a Flexible PIC Concentrator (FPC); it does not affect out-of-band connections made through the management Ethernet port on the Routing Engine (RE). Affected users may observe an increasing number of TCP connections in the output of the "show system connections" command, and recovery requires a manual restart of the respective RE.

Affected Version(s)

Junos OS Evolved: all versions before 21.4R3-S9-EVO

Junos OS Evolved: 22.2 versions before 22.2R3-S4-EVO

Junos OS Evolved: 22.4 versions before 22.4R3-S3-EVO

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database