CVE-2024-47499

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 11, 2024
Updated: Oct 15, 2024
CWE ID 754

Summary

CVE-2024-47499 is a vulnerability in the routing protocol daemon (RPD) of Juniper Networks' Junos OS and Junos OS Evolved that allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). This issue primarily affects multiple versions of Junos OS, including all versions prior to 21.2R3-S8, as well as specific versions within the 21.4, 22.2, 22.3, 22.4, and 23.2/23.4 series. To remediate this vulnerability, upgrade to the patched versions listed in the vendor's advisory. The danger lies in the RPD crashing and restarting when it handles malformed BGP update messages, which compromises network availability and reliability for organizations using affected products. The vulnerability has a CVSS score of 7.5 (High), indicating a significant risk to network operations, with low exploitation complexity and no user interaction required.
