{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-47498", "ASSIGNER": "sirt@juniper.net", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\nSeveral configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to process legitimate traffic.\n\n\n\nThis issue affects Junos OS Evolved on QFX5000 Series:\n\n\n\n * All versions before 21.4R3-S8-EVO,\n * 22.2-EVO versions before 22.2R3-S5-EVO,\n\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE 447 Unimplemented or Unsupported Feature in UI" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Juniper Networks", "product": { "product_data": [ { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "21.4R3-S8-EVO" }, { "version_affected": "<", "version_name": "22.2-EVO", "version_value": "22.2R3-S5-EVO" }, { "version_affected": "<", "version_name": "22.4-EVO", "version_value": "22.4R3-EVO" }, { "version_affected": "<", "version_name": "23.2-EVO", "version_value": "23.2R2-EVO" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://supportportal.juniper.net/JSA88128", "refsource": "MISC", "name": "https://supportportal.juniper.net/JSA88128" } ] }, "generator": { "engine": "Vulnogram 0.1.0-dev" }, "source": { "advisory": "JSA88128", "defect": [ "1705911" ], "discovery": "USER" }, "configuration": [ { "lang": "en", 
"supportingMedia": [ { "base64": false, "type": "text/html", "value": "A device is exposed to this issue if one or more of the following options are configured:\n\n[ switch-options interface-mac-limit ... ]\n[ switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options mac-table-size ... ]\n[ protocols l2-learning global-mac-limit ... ]\n[ vlans <vlan> switch-options mac-move-limit drop/drop-and-log ]\n\n" } ], "value": "A device is exposed to this issue if one or more of the following options are configured:\n\n[ switch-options interface-mac-limit ... ]\n[ switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options mac-table-size ... ]\n[ protocols l2-learning global-mac-limit ... ]\n[ vlans <vlan> switch-options\u00a0mac-move-limit\u00a0drop/drop-and-log ]" } ], "work_around": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "There are no known workarounds for this issue." } ], "value": "There are no known workarounds for this issue." } ], "exploit": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." } ], "solution": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\n(* future release)" } ], "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\n(* future release)" } ], "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } ] } }