HIGH🇵🇱 Wersja polska

CVE-2024-47490

CVSS 7.7v4.0pub. 2024-10-11upd. 2026-01-26

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a Denial of Service (DoS). When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the Routing Engine (RE), rather than being handled appropriately. Continuous receipt of these MPLS packets causes resources to be exhausted. MPLS config is not required to be affected by this issue.  This issue affects Junos OS Evolved ACX 7000 Series:  * All versions before 21.4R3-S9-EVO, * 22.2-EVO before 22.2R3-S4-EVO,  * 22.3-EVO before 22.3R3-S3-EVO,  * 22.4-EVO before 22.4R3-S2-EVO,  * 23.2-EVO before 23.2R2-EVO,  * 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Juniper Acx7020

    HW
    Juniper
    wszystkie wersje
  • Juniper Acx7024

    HW
    Juniper
    wszystkie wersje
  • Juniper Acx7024x

    HW
    Juniper
    wszystkie wersje
  • Juniper Acx7100

    HW
    Juniper
    wszystkie wersje
  • Juniper Acx7300

    HW
    Juniper
    wszystkie wersje
  • Juniper Acx7509

    HW
    Juniper
    wszystkie wersje
  • Juniper Junos Os Evolved

    OS
    Juniper
    21.422.222.322.423.223.4< 21.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2026-21902CRITICAL9.3PL ✓ten sam produkt

RCE jako root w Juniper Junos OS Evolved — błędne uprawnienia do krytycznego zasobu

CVE-2021-0211CRITICAL10.0ten sam produkt

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...

CVE-2025-59969HIGH7.1ten sam produkt

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forward...

CVE-2026-21919HIGH7.1ten sam produkt

An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Jun...

CVE-2026-33780HIGH7.1ten sam produkt

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2a...

CVE-2024-47490 — Juniper — Acx7020 — HIGH — CVSS 7.7 | CVEbaza.pl