CVE-2024-47501

Summary

CVE-2024-47501 is a NULL Pointer Dereference vulnerability affecting Juniper Networks' Junos OS, specifically on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C devices. This vulnerability allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS) by executing specific show commands in a VPLS or Junos Fusion environment, resulting in crashes and restarts of all FPCs hosting VPLS sessions. The affected versions include all releases before 21.2R3-S1, versions 21.3 prior to 21.3R3, and versions 21.4 prior to 21.4R2. To remediate this vulnerability, organizations are advised to upgrade their devices to the specified secure versions. With a base severity rating of medium and a high availability impact score, this vulnerability poses a significant risk to network reliability if exploited.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.