What is the severity of CVE-2024-47503?

CVE-2024-47503 is rated as a high severity vulnerability due to its potential for Denial-of-Service attacks.

How do I fix CVE-2024-47503?

To mitigate CVE-2024-47503, upgrade to the latest version of Junos OS as specified in the vendor's advisories.

What devices are affected by CVE-2024-47503?

CVE-2024-47503 affects Juniper Networks Junos OS running on SRX4600 and SRX5000 Series devices.

Can CVE-2024-47503 be exploited remotely?

Yes, CVE-2024-47503 can be exploited by an unauthenticated and logically adjacent attacker.

Vulnerability/
CVE-2024-47503

high

7.1

CWE

754

11/10/2024

15/10/2024

CVE-2024-47503: Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash

Q: What type of vulnerability is CVE-2024-47503?

CVE-2024-47503 is an Improper Check for Unusual or Exceptional Conditions vulnerability.

First published: Fri Oct 11 2024(Updated: )

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). If in a multicast scenario a sequence of specific PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption. This issue affects Junos OS on SRX 4600 and SRX 5000 Series: * All versions before 21.4R3-S9, * 22.2 versions before 22.2R3-S5, * 22.3 versions before 22.3R3-S4, * 22.4 versions before 22.4R3-S4, * 23.2 versions before 23.2R2-S2, * 23.4 versions before 23.4R2, * 24.2 versions before 24.2R1-S1, 24.2R2.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper Junos	<21.4R3-S9<22.2R3-S5<22.3R3-S4<22.4R3-S4<23.2R2-S2<23.4R2<24.2R1-S1<24.2R2

Remedy

The following software releases have been updated to resolve this specific issue: 21.4R3-S9, 22.2R3-S5*, 22.3R3-S4*, 22.4R3-S4, 23.2R2-S2, 23.4R2, 24.2R1-S1, 24.2R2*, 24.4R1*, and all subsequent releases. (* future release)

Never miss a vulnerability like this again

Reference Links

https://supportportal.juniper.net/JSA88133

Frequently Asked Questions

What is the severity of CVE-2024-47503?
CVE-2024-47503 is rated as a high severity vulnerability due to its potential for Denial-of-Service attacks.
How do I fix CVE-2024-47503?
To mitigate CVE-2024-47503, upgrade to the latest version of Junos OS as specified in the vendor's advisories.
What devices are affected by CVE-2024-47503?
CVE-2024-47503 affects Juniper Networks Junos OS running on SRX4600 and SRX5000 Series devices.
What type of vulnerability is CVE-2024-47503?
CVE-2024-47503 is an Improper Check for Unusual or Exceptional Conditions vulnerability.
Can CVE-2024-47503 be exploited remotely?
Yes, CVE-2024-47503 can be exploited by an unauthenticated and logically adjacent attacker.

agent/remedy
agent/weakness
agent/references
agent/title
agent/description
agent/type
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/nvd-api
source/NVD
agent/last-modified-date
collector/mitre-cve
source/MITRE
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/juniper networks
canonical/juniper junos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.