CVE-2024-47498

MEDIUM

Juniper Networks Junos OS Evolved - QFX5000 Series - DoS

Title source: llm

Description

An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Several configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic. This issue affects Junos OS Evolved on QFX5000 Series: * All versions before 21.4R3-S8-EVO, * 22.2-EVO versions before 22.2R3-S5-EVO, * 22.4-EVO versions before 22.4R3-EVO, * 23.2-EVO versions before 23.2R2-EVO.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://supportportal.juniper.net/JSA88128

Scores

CVSS v3 6.5

EPSS 0.0015

EPSS Percentile 35.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (5)

juniper/junos_os_evolved 21.4 (15 CPE variants)

juniper/junos_os_evolved 22.2 (12 CPE variants)

juniper/junos_os_evolved 22.4 (7 CPE variants)

juniper/junos_os_evolved 23.2 (4 CPE variants)

juniper/junos_os_evolved < 21.4

Published Oct 11, 2024

Tracked Since Feb 18, 2026