CVE-2024-47499

CVSS V2 None CVSS V3 None

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a scenario where BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a specifically malformed AS PATH attribute over an established BGP session, can cause an RPD crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3-S8, * 22.2 versions before 22.2R3-S4, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3-S2, * 23.2 versions before 23.2R2-S1, * 23.4 versions before 23.4R1-S2, 23.4R2; Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.4 versions before 21.4R3-S8-EVO, * 22.2 versions before 22.2R3-S4-EVO, * 22.3 versions before 22.3R3-S3-EVO, * 22.4 versions before 22.4R3-S2-EVO, * 23.2 versions before 23.2R2-S1-EVO, * 23.4 versions before 23.4R1-S2-EVO, 23.4R2-EVO.

Overview

CVE ID
CVE-2024-47499

Assigner
juniper

Vulnerability Status
PUBLISHED

Published Version
2024-10-11T15:30:36.930Z

Last Modified Date
2024-10-11T17:37:24.608Z

Weakness Enumerations

CWE	URL
CWE-754	http://cwe.mitre.org/data/definitions/754.html

References

Reference URL	Reference Tags
https://supportportal.juniper.net/JSA88129	vendor-advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-47499
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47499

History

Created	Old Value	New Value	Data Type	Notes
2024-10-12 13:25:05				Added to TrackCVE