CVE-2024-47490

{"id": "CVE-2024-47490", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 7.7, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "LOW", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-11T16:15:08.803", "references": [{"url": "https://supportportal.juniper.net/JSA83009", "source": "sirt@juniper.net"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-923"}]}], "descriptions": [{"lang": "en", "value": "An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE)\u00a0of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a Denial of Service (DoS).\n\nWhen specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the Routing Engine (RE), rather than being handled appropriately. Continuous receipt of these MPLS packets causes resources to be exhausted. MPLS config is not required to be affected by this issue.\u00a0\n\n\nThis issue affects Junos OS Evolved ACX 7000 Series:\u00a0\n\n\n\n * All versions before 21.4R3-S9-EVO,\n * 22.2-EVO before 22.2R3-S4-EVO,\u00a0\n * 22.3-EVO before 22.3R3-S3-EVO,\u00a0\n * 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * 23.2-EVO before 23.2R2-EVO,\u00a0\n * 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de restricci\u00f3n inadecuada del canal de comunicaci\u00f3n a los endpoints previstos en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS Evolved en la serie ACX 7000 permite que un atacante no autenticado basado en la red provoque un mayor consumo de recursos, lo que en \u00faltima instancia da como resultado una denegaci\u00f3n de servicio (DoS). Cuando el PFE recibe paquetes MPLS de tr\u00e1nsito espec\u00edficos, estos paquetes se reenv\u00edan internamente al motor de enrutamiento (RE), en lugar de manejarse adecuadamente. La recepci\u00f3n continua de estos paquetes MPLS hace que se agoten los recursos. No es necesario que la configuraci\u00f3n MPLS se vea afectada por este problema. Este problema afecta a Junos OS Evolved ACX 7000 Series: * Todas las versiones anteriores a 21.4R3-S9-EVO, * 22.2-EVO anterior a 22.2R3-S4-EVO, * 22.3-EVO anterior a 22.3R3-S3-EVO, * 22.4-EVO anterior a 22.4R3-S2-EVO, * 23.2-EVO anterior a 23.2R2-EVO, * 23.4-EVO anterior a 23.4R1-S1-EVO, 23.4R2-EVO."}], "lastModified": "2024-10-15T12:58:51.050", "sourceIdentifier": "sirt@juniper.net"}