{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47498", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-09-25T15:26:52.609Z", "datePublished": "2024-10-11T15:30:02.282Z", "dateUpdated": "2024-10-11T17:38:01.248Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["QFX5000 Series"], "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S8-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "22.2R3-S5-EVO", "status": "affected", "version": "22.2-EVO", "versionType": "semver"}, {"lessThan": "22.4R3-EVO", "status": "affected", "version": "22.4-EVO", "versionType": "semver"}, {"lessThan": "23.2R2-EVO", "status": "affected", "version": "23.2-EVO", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A device is exposed to this issue if one or more of the following options are configured:<br><br><tt>[ switch-options interface-mac-limit ... ]<br>[ switch-options interface &lt;interface&gt; interface-mac-limit ... ]<br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">[ vlans </span><span style=\"background-color: rgb(255, 255, 255);\">&lt;vlan&gt; </span><span style=\"background-color: rgb(255, 255, 255);\">switch-options interface &lt;interface&gt; interface-mac-limit ... ]</span><br>\n\n[ vlans &lt;vlan&gt; switch-options mac-table-size ... ]<br>[ protocols l2-learning global-mac-limit ... ]<br>[ vlans &lt;vlan&gt; switch-options&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">mac-move-limit</span>&nbsp;drop/drop-and-log ]<br><br></tt>"}], "value": "A device is exposed to this issue if one or more of the following options are configured:\n\n[ switch-options interface-mac-limit ... ]\n[ switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options mac-table-size ... ]\n[ protocols l2-learning global-mac-limit ... ]\n[ vlans <vlan> switch-options\u00a0mac-move-limit\u00a0drop/drop-and-log ]"}], "datePublic": "2024-10-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).<br><br>Several configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.<br><br><p></p><p>This issue affects Junos OS Evolved on QFX5000 Series:</p><p></p><ul><li>All versions before 21.4R3-S8-EVO,</li><li><span style=\"background-color: var(--wht);\">22.2-EVO versions before 22.2R3-S5-EVO,</span><br></li><li><span style=\"background-color: var(--wht);\">22.4-EVO versions before 22.4R3-EVO,</span></li><li><span style=\"background-color: var(--wht);\">23.2-EVO versions before 23.2R2-EVO.</span><br></li></ul><p></p>"}], "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\nSeveral configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.\n\n\n\nThis issue affects Junos OS Evolved on QFX5000 Series:\n\n\n\n * All versions before 21.4R3-S8-EVO,\n * 22.2-EVO versions before 22.2R3-S5-EVO,\n\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "CWE 447 Unimplemented or Unsupported Feature in UI", "lang": "en"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-10-11T15:30:02.282Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA88128"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <span style=\"background-color: rgb(255, 255, 255);\">21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO</span>, 23.4R1-EVO, and all subsequent releases.<br>(* future release)"}], "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\n(* future release)"}], "source": {"advisory": "JSA88128", "defect": ["1705911"], "discovery": "USER"}, "title": "Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-11T17:37:51.441062Z", "id": "CVE-2024-47498", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T17:38:01.248Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47498", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-09-25T15:26:52.609Z", "datePublished": "2024-10-11T15:30:02.282Z", "dateUpdated": "2024-10-11T17:38:01.248Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["QFX5000 Series"], "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.4R3-S8-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "22.2R3-S5-EVO", "status": "affected", "version": "22.2-EVO", "versionType": "semver"}, {"lessThan": "22.4R3-EVO", "status": "affected", "version": "22.4-EVO", "versionType": "semver"}, {"lessThan": "23.2R2-EVO", "status": "affected", "version": "23.2-EVO", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A device is exposed to this issue if one or more of the following options are configured:<br><br><tt>[ switch-options interface-mac-limit ... ]<br>[ switch-options interface &lt;interface&gt; interface-mac-limit ... ]<br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">[ vlans </span><span style=\"background-color: rgb(255, 255, 255);\">&lt;vlan&gt; </span><span style=\"background-color: rgb(255, 255, 255);\">switch-options interface &lt;interface&gt; interface-mac-limit ... ]</span><br>\n\n[ vlans &lt;vlan&gt; switch-options mac-table-size ... ]<br>[ protocols l2-learning global-mac-limit ... ]<br>[ vlans &lt;vlan&gt; switch-options&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">mac-move-limit</span>&nbsp;drop/drop-and-log ]<br><br></tt>"}], "value": "A device is exposed to this issue if one or more of the following options are configured:\n\n[ switch-options interface-mac-limit ... ]\n[ switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options interface <interface> interface-mac-limit ... ]\n\n\n[ vlans <vlan> switch-options mac-table-size ... ]\n[ protocols l2-learning global-mac-limit ... ]\n[ vlans <vlan> switch-options\u00a0mac-move-limit\u00a0drop/drop-and-log ]"}], "datePublic": "2024-10-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).<br><br>Several configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.<br><br><p></p><p>This issue affects Junos OS Evolved on QFX5000 Series:</p><p></p><ul><li>All versions before 21.4R3-S8-EVO,</li><li><span style=\"background-color: var(--wht);\">22.2-EVO versions before 22.2R3-S5-EVO,</span><br></li><li><span style=\"background-color: var(--wht);\">22.4-EVO versions before 22.4R3-EVO,</span></li><li><span style=\"background-color: var(--wht);\">23.2-EVO versions before 23.2R2-EVO.</span><br></li></ul><p></p>"}], "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\nSeveral configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.\n\n\n\nThis issue affects Junos OS Evolved on QFX5000 Series:\n\n\n\n * All versions before 21.4R3-S8-EVO,\n * 22.2-EVO versions before 22.2R3-S5-EVO,\n\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "CWE 447 Unimplemented or Unsupported Feature in UI", "lang": "en"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-10-11T15:30:02.282Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA88128"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <span style=\"background-color: rgb(255, 255, 255);\">21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO</span>, 23.4R1-EVO, and all subsequent releases.<br>(* future release)"}], "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S5-EVO*, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\n(* future release)"}], "source": {"advisory": "JSA88128", "defect": ["1705911"], "discovery": "USER"}, "title": "Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-47498", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-11T17:37:51.441062Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T17:37:56.663Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).\n\nSeveral configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic.\n\n\n\nThis issue affects Junos OS Evolved on QFX5000 Series:\n\n\n\n * All versions before 21.4R3-S8-EVO,\n * 22.2-EVO versions before 22.2R3-S5-EVO,\n\n * 22.4-EVO versions before 22.4R3-EVO,\n * 23.2-EVO versions before 23.2R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de caracter\u00edstica no implementada o no compatible en la interfaz de usuario en la CLI de Juniper Networks Junos OS Evolved en la serie QFX5000 permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). Se pueden configurar varias declaraciones de configuraci\u00f3n destinadas a imponer l\u00edmites en el aprendizaje y los movimientos de MAC, pero no surten efecto. Esto puede provocar situaciones de sobrecarga del plano de control que afectar\u00e1n gravemente la capacidad del dispositivo para procesar tr\u00e1fico leg\u00edtimo. Este problema afecta a Junos OS Evolved en la serie QFX5000: * Todas las versiones anteriores a 21.4R3-S8-EVO, * Versiones 22.2-EVO anteriores a 22.2R3-S5-EVO, * Versiones 22.4-EVO anteriores a 22.4R3-EVO, * Versiones 23.2-EVO anteriores a 23.2R2-EVO."}], "id": "CVE-2024-47498", "lastModified": "2024-10-15T12:58:51.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "LOW"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-10-11T16:15:10.590", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA88128"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis"}

{}