vulnerability

Juniper Junos OS: 2024-10 Security Bulletin: Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash (JSA88137) (CVE-2024-47506)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:N/A:C)	Oct 9, 2024	Oct 10, 2024	Jan 28, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

Oct 9, 2024

Added

Oct 10, 2024

Modified

Jan 28, 2025

Description

A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control.

This issue affects Junos OS on SRX Series:

* All versions before 21.3R3-S1,
* 21.4 versions before 21.4R3,
* 22.1 versions before 22.1R2,
* 22.2 versions before 22.2R1-S2, 22.2R2.

Solution

juniper-junos-os-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today