CVE-2024-47495

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Oct 11, 2024

Updated: Oct 15, 2024

CWE ID 639

Summary

CVE-2024-47495 is a newly disclosed vulnerability that grants locally authenticated attackers with shell access full control over Juniper Networks Junos OS Evolved devices when Dual Routing Engines (REs) are in use. This Authorization Bypass Through User-Controlled Key vulnerability affects multiple Junos OS Evolved versions, including those before 21.2R3-S8-EVO, from 21.4-EVO before 21.4R3-S8-EVO, from 22.2-EVO before 22.2R3-S4-EVO, from 22.3-EVO before 22.3R3-S4-EVO, from 22.4-EVO before 22.4R3-S3-EVO, from 23.2-EVO before 23.2R2-S1-EVO, and from 23.4-EVO before 23.4R2-S1-EVO. It is essential to note that this vulnerability does not impact Juniper Networks Junos OS.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-47495

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations