How severe is CVE-2024-47506?

This vulnerability has a severity rating of HIGH with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2024-47506?

This is classified as CWE-833, which is a common weakness in software security.

CVE-2024-47506 - HIGH Severity | CVSS 5.9

Vulnerability Description

A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control. This issue affects Junos OS on SRX Series: * All versions before 21.3R3-S1, * 21.4 versions before 21.4R3, * 22.1 versions before 22.1R2, * 22.2 versions before 22.2R1-S2, 22.2R2.

Related Vulnerabilities

CVE-2024-8447

MEDIUM

CVSS:5.9(Medium)

A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID ...

CWE-8332024

CVE-2022-4269

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged use...

CWE-8332022

CVE-2023-0160

MEDIUM

CVSS:5.5(Medium)

A deadlock flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to potentially crash the system.

CWE-8332023

CVE-2023-31084

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interrupt...

CWE-8332023

CVE-2024-0639

MEDIUM

CVSS:5.5(Medium)

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to ...

CWE-8332024

CVE-2024-0641

MEDIUM

CVSS:5.5(Medium)

A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadloc...

CWE-8332024