{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-47504","assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","state":"PUBLISHED","assignerShortName":"juniper","dateReserved":"2024-09-25T15:26:52.610Z","datePublished":"2024-10-11T15:33:08.341Z","dateUpdated":"2024-10-11T17:25:02.384Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["SRX5000 Series"],"product":"Junos OS","vendor":"Juniper Networks","versions":[{"lessThan":"22.2R3-S5","status":"affected","version":"22.2","versionType":"semver"},{"lessThan":"22.3R3-S4","status":"affected","version":"22.3","versionType":"semver"},{"lessThan":"22.4R3-S4","status":"affected","version":"22.4","versionType":"semver"},{"lessThan":"23.2R2-S2","status":"affected","version":"23.2","versionType":"semver"},{"lessThan":"23.4R2-S1","status":"affected","version":"23.4","versionType":"semver"},{"lessThan":"24.2R1-S1, 24.2R2","status":"affected","version":"24.2","versionType":"semver"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"To be exposed to this issue the device must not be configured for clustering:<br><br><tt>user@host&gt; show chassis cluster status  &nbsp; &nbsp; &nbsp; <br>error: Chassis cluster is not enabled.</tt>"}],"value":"To be exposed to this issue the device must not be configured for clustering:\n\nuser@host> show chassis cluster status        \nerror: Chassis cluster is not enabled."}],"datePublic":"2024-10-09T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).<br><br>When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.<br><br><span style=\"background-color: var(--wht);\">This issue affects Junos OS:</span><p></p><ul><li>22.1 releases 22.1R1 and later before 22.2R3-S5,</li><li>22.3 releases before 22.3R3-S4,</li><li>22.4 releases before 22.4R3-S4,</li><li>23.2 releases before 23.2R2-S2,</li><li>23.4 releases before 23.4R2-S1,</li><li>24.2 releases before 24.2R1-S1, 24.2R2.</li></ul>Please note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this.&nbsp;<p></p>"}],"value":"An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos).\n\nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.\n\nThis issue affects Junos OS:\n\n  *  22.1 releases 22.1R1 and later before 22.2R3-S5,\n  *  22.3 releases before 22.3R3-S4,\n  *  22.4 releases before 22.4R3-S4,\n  *  23.2 releases before 23.2R2-S2,\n  *  23.4 releases before 23.4R2-S1,\n  *  24.2 releases before 24.2R1-S1, 24.2R2.\n\n\nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"YES","Recovery":"AUTOMATIC","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1287","description":"CWE-1287 Improper Validation of Specified Type of Input","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper","dateUpdated":"2024-10-11T15:34:31.872Z"},"references":[{"tags":["vendor-advisory"],"url":"https://supportportal.juniper.net/JSA88134"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The following software releases have been updated to resolve this specific issue: 22.2R3-S5*,&nbsp;22.3R3-S4*, 22.4R3-S4, 23.2R2-S2, 23.4R2-S1, 24.2R1-S1, 24.2R2*, 24.4R1*, and all subsequent releases.<br>\n\n(* future release)"}],"value":"The following software releases have been updated to resolve this specific issue: 22.2R3-S5*, 22.3R3-S4*, 22.4R3-S4, 23.2R2-S2, 23.4R2-S1, 24.2R1-S1, 24.2R2*, 24.4R1*, and all subsequent releases.\n\n\n(* future release)"}],"source":{"advisory":"JSA88134","defect":["1821452"],"discovery":"USER"},"title":"Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"There are no known workarounds for this issue."}],"value":"There are no known workarounds for this issue."}],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"affected":[{"vendor":"juniper","product":"junos","cpes":["cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","versions":[{"version":"22.2","status":"affected","lessThan":"22.2r3-s5","versionType":"semver"},{"version":"22.3","status":"affected","lessThan":"22.3r3-s4","versionType":"semver"},{"version":"22.4","status":"affected","lessThan":"22.4r3-s4","versionType":"semver"},{"version":"23.2","status":"affected","lessThan":"23.2r2-s2","versionType":"semver"},{"version":"23.4","status":"affected","lessThan":"23.4r2-s1","versionType":"semver"},{"version":"24.2","status":"affected","lessThan":"24.2r1-s1","versionType":"semver"},{"version":"24.2","status":"affected","lessThan":"24.2r2","versionType":"semver"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-11T17:19:09.401803Z","id":"CVE-2024-47504","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-11T17:25:02.384Z"}}]}}