admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/47xxx/CVE-2024-47505.json
CVE Team 72ed5109f2
"-Synchronized-Data."
2024-10-11 16:00:34 +00:00

165 lines
7.9 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-47505",
"ASSIGNER": "sirt@juniper.net",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover.\n\nGUID exhaustion will trigger a syslog message like one of the following:\n\nevo-pfemand[<pid>]: get_next_guid: Ran out of Guid Space ...\nevo-aftmand-zx[<pid>]: get_next_guid: Ran out of Guid Space ...\nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids:\n\n\n\n\n\nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand\n\n\n\nIn case one or more of these values are constantly increasing the leak is happening.\n\nThis issue affects Junos OS Evolved:\n\n\n\n * All versions before 21.4R3-S7-EVO,\n * 22.1 versions before 22.1R3-S6-EVO,\n * 22.2 versions before 22.2R3-EVO,\u00a0\n\n * 22.3 versions before 22.3R3-EVO,\n * 22.4 versions before 22.4R2-EVO.\n\n\n\nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770 Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper Networks",
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "21.4",
"version_value": "21.4R3-S7-EVO"
},
{
"version_affected": "<",
"version_name": "22.1",
"version_value": "22.1R3-S6-EVO"
},
{
"version_affected": "<",
"version_name": "22.2",
"version_value": "22.2R3-EVO"
},
{
"version_affected": "<",
"version_name": "22.3",
"version_value": "22.3R3-EVO"
},
{
"version_affected": "<",
"version_name": "22.4",
"version_value": "22.4R2-EVO"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://supportportal.juniper.net/",
"refsource": "MISC",
"name": "https://supportportal.juniper.net/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "JSA88136",
"defect": [
"1713163"
],
"discovery": "INTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For this issue to be exploitable from the CLI there is no minimal configuration required. For this issue to be exploited via SNMP minimal SNMP configuration <span style=\"background-color: rgb(251, 251, 251);\">with at least read access is required:</span><br><br><tt>[ snmp community &lt;name&gt; ]</tt><br><br><span style=\"background-color: rgb(251, 251, 251);\">or</span><br><br><tt>[ snmp v3 ... ]</tt>\n\n<br>"
}
],
"value": "For this issue to be exploitable from the CLI there is no minimal configuration required. For this issue to be exploited via SNMP minimal SNMP configuration with at least read access is required:\n\n[ snmp community <name> ]\n\nor\n\n[ snmp v3 ... ]"
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.<br>\n\n<span style=\"background-color: rgb(251, 251, 251);\">To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users.</span>\n\n<br>"
}
],
"value": "There are no known workarounds for this issue.\n\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-EVO, 22.3R3-EVO, 22.4R2-EVO, 23.2R1-EVO, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S7-EVO, 22.1R3-S6-EVO, 22.2R3-EVO, 22.3R3-EVO, 22.4R2-EVO, 23.2R1-EVO, and all subsequent releases."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink