Vulnerability Description
A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control. This issue affects Junos OS on SRX Series: * All versions before 21.3R3-S1, * 21.4 versions before 21.4R3, * 22.1 versions before 22.1R2, * 22.2 versions before 22.2R1-S2, 22.2R2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | < 21.3 |
| Juniper | Srx1500 | - |
| Juniper | Srx1600 | - |
| Juniper | Srx2300 | - |
| Juniper | Srx300 | - |
| Juniper | Srx320 | - |
| Juniper | Srx340 | - |
| Juniper | Srx345 | - |
| Juniper | Srx380 | - |
| Juniper | Srx4100 | - |
| Juniper | Srx4120 | - |
| Juniper | Srx4200 | - |
| Juniper | Srx4300 | - |
| Juniper | Srx4600 | - |
| Juniper | Srx4700 | - |
| Juniper | Srx5400 | - |
| Juniper | Srx5600 | - |
| Juniper | Srx5800 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA88137Vendor Advisory
FAQ
What is CVE-2024-47506?
CVE-2024-47506 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a ...
How severe is CVE-2024-47506?
CVE-2024-47506 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-47506?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx1500, Juniper Srx1600, Juniper Srx2300, Juniper Srx300.