CVE-2024-47506

11.10.2024, 16:15

A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control.



This issue affects Junos OS on SRX Series:



  *  All versions before 21.3R3-S1,
  *  21.4 versions before 21.4R3,
  *  22.1 versions before 22.1R2,
  *  22.2 versions before 22.2R1-S2, 22.2R2.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 26%

Common Weakness Enumeration

CWE-833 - Deadlock
The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

References

https://supportportal.juniper.net/JSA88137