CVE-2024-47509— Juniper Networks Junos OS Evolved 安全漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2024-47509 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #3
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. GUID exhaustion will trigger a syslog message like one of the following: evo-pfemand[<pid>]: get_next_guid: Ran out of Guid Space ... evo-aftmand-zx[<pid>]: get_next_guid: Ran out of Guid Space ... The leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: user@host> show platform application-info allocations app evo-pfemand/evo-pfemand In case one or more of these values are constantly increasing the leak is happening. This issue affects Junos OS Evolved: * All versions before 21.4R2-EVO, * 22.1 versions before 22.1R2-EVO. Please note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47508.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
不加限制或调节的资源分配
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Juniper Networks Junos OS Evolved 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Juniper Networks Junos OS Evolved是美国瞻博网络(Juniper Networks)公司的Junos OS 的升级版系统。 Juniper Networks Junos OS Evolved存在安全漏洞,该漏洞源于资源消耗不受控制。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved | 21.4 ~ 21.4R2-EVO | - |
二、漏洞 CVE-2024-47509 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2024-47509 的情报信息
请登录查看更多情报信息。
同批安全公告 · Juniper Networks · 2024-10-11 · 共 25 条
| CVE-2024-47490 | 8.2 HIGH | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-39547 | 7.5 HIGH | Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47504 | 7.5 HIGH | Juniper Networks Junos OS 安全漏洞 |
| CVE-2024-47502 | 7.5 HIGH | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47499 | 7.5 HIGH | Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 代码问题漏洞 |
| CVE-2024-47497 | 7.5 HIGH | Juniper Networks Junos OS 资源管理错误漏洞 |
| CVE-2024-39563 | 7.3 HIGH | Juniper Networks Junos Space 命令注入漏洞 |
| CVE-2024-47495 | 6.7 MEDIUM | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-39526 | 6.5 MEDIUM | Juniper Networks Junos OS 安全漏洞 |
| CVE-2024-47493 | 6.5 MEDIUM | Juniper Networks Junos OS 安全漏洞 |
| CVE-2024-47498 | 6.5 MEDIUM | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47503 | 6.5 MEDIUM | Juniper Networks Junos OS 代码问题漏洞 |
| CVE-2024-47505 | 6.5 MEDIUM | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47508 | 6.5 MEDIUM | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47494 | 5.9 MEDIUM | Juniper Networks Junos OS 安全漏洞 |
| CVE-2024-47491 | 5.9 MEDIUM | Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47506 | 5.9 MEDIUM | Juniper Networks Junos OS 安全漏洞 |
| CVE-2024-47489 | 5.8 MEDIUM | Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47507 | 5.8 MEDIUM | Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞 |
| CVE-2024-47496 | 5.5 MEDIUM | Juniper Networks Junos OS 代码问题漏洞 |
显示前 20 条,共 25 条。 查看全部 → →
IV. Related Vulnerabilities
Same vendor: Juniper Networks
V. Comments for CVE-2024-47509
暂无评论