cve-2024-47493
Vulnerability from cvelistv5
Published
2024-10-11 15:24
Modified
2024-11-08 17:17
Summary
Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash
Impacted products
Juniper NetworksJunos OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-11T17:48:58.046112Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-11T17:49:07.243Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "MX"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.2R3-S7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S6",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S5",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S3",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S2",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2024-10-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eIn case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes\u0026nbsp;local FPC  to eventually run out of memory and crash.\u0026nbsp;\u0026nbsp;\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003eBelow CLI command can be used to check the memory usage over a period of time:\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003ctt\u003e\u003ctt\u003e\u003ctt\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u2003\u2003user@host\u0026gt; show chassis fpc\u003cbr\u003e\n\n\n\n\n\n\n\n\n\n\u003cp\u003e\n\n\n\n\n\n\n\n\n\n\n\u003c/p\u003e\u003cp\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Temp  CPU Utilization (%) \u0026nbsp; CPU Utilization (%)  Memory \u0026nbsp; \nUtilization (%)\u003cbr\u003e\u0026nbsp; Slot State \u0026nbsp; \u0026nbsp;  (C)\u0026nbsp; Total\u0026nbsp; Interrupt \u0026nbsp; \u0026nbsp;  1min \u0026nbsp; 5min \u0026nbsp;\n15min DRAM (MB) Heap \u0026nbsp; \u0026nbsp; Buffer\u003cbr\u003e\n\u0026nbsp; 0 \nOnline\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;43 \u0026nbsp; \u0026nbsp; 41 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \n2 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 2048 \u0026nbsp; \u0026nbsp; \u0026nbsp; 49 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 14\u003cbr\u003e\n\u0026nbsp; 1 \nOnline\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;43 \u0026nbsp; \u0026nbsp; 41 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \n2 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\n2048 \u0026nbsp; \u0026nbsp; \u0026nbsp; 49 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 14\u003cbr\u003e\n\u0026nbsp; 2 \nOnline\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;43 \u0026nbsp; \u0026nbsp; 41 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \n2 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\n2048 \u0026nbsp; \u0026nbsp; \u0026nbsp; 49 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 14\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\u003c/span\u003e\u003c/span\u003e\u003c/tt\u003e\u003c/tt\u003e\u003c/tt\u003e\u003c/span\u003e\u003cp\u003eThis issue affects Junos OS on MX Series:\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S7,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 21.4 before 21.4R3-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.1 before 22.1R3-S5,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.2 before 22.2R3-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\n\nIn case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes\u00a0local FPC  to eventually run out of memory and crash.\u00a0\u00a0\n\nBelow CLI command can be used to check the memory usage over a period of time:\n\n\u2003\u2003user@host\u003e show chassis fpc\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Temp  CPU Utilization (%) \u00a0 CPU Utilization (%)  Memory \u00a0 \nUtilization (%)\n\u00a0 Slot State \u00a0 \u00a0  (C)\u00a0 Total\u00a0 Interrupt \u00a0 \u00a0  1min \u00a0 5min \u00a0\n15min DRAM (MB) Heap \u00a0 \u00a0 Buffer\n\n\u00a0 0 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 1 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\u00a0 2 \nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\n\n\n\n\n\n\n\n\n\nThis issue affects Junos OS on MX Series:\u00a0\n\n\n\n\n  *  All versions before 21.2R3-S7,\u00a0\n  *  from 21.4 before 21.4R3-S6,\u00a0\n  *  from 22.1 before 22.1R3-S5,\u00a0\n  *  from 22.2 before 22.2R3-S3,\u00a0\n  *  from 22.3 before 22.3R3-S2,\u00a0\n  *  from 22.4 before 22.4R3,\u00a0\n  *  from 23.2 before 23.2R2,\u00a0\n  *  from 23.4 before 23.4R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-08T17:17:27.242Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://www.juniper.net/documentation/us/en/software/junos/interfaces-link-multilink/topics/topic-map/link-multilink-services-understanding.html#id-multilink-interfaces-on-channelized-mics-overview"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: \u003cbr\u003e\u003cbr\u003eJunos OS: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, 23.4R2, 24.1R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R2, 23.4R1, 23.4R2, 24.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA88119",
        "defect": [
          "1770750"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-47493",
    "datePublished": "2024-10-11T15:24:02.438Z",
    "dateReserved": "2024-09-25T15:26:52.608Z",
    "dateUpdated": "2024-11-08T17:17:27.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-47493\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2024-10-11T16:15:09.320\",\"lastModified\":\"2024-11-08T18:15:17.240\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).\\n\\nIn case of channelized Modular Interface Cards (MICs), every physical interface flap operation will leak heap memory. Over a period of time, continuous physical interface flap operations causes\u00a0local FPC  to eventually run out of memory and crash.\u00a0\u00a0\\n\\nBelow CLI command can be used to check the memory usage over a period of time:\\n\\n\u2003\u2003user@host\u003e show chassis fpc\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Temp  CPU Utilization (%) \u00a0 CPU Utilization (%)  Memory \u00a0 \\nUtilization (%)\\n\u00a0 Slot State \u00a0 \u00a0  (C)\u00a0 Total\u00a0 Interrupt \u00a0 \u00a0  1min \u00a0 5min \u00a0\\n15min DRAM (MB) Heap \u00a0 \u00a0 Buffer\\n\\n\u00a0 0 \\nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \\n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\\n\\n\u00a0 1 \\nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \\n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\\n\\n\u00a0 2 \\nOnline\u00a0 \u00a0 \u00a0 \u00a043 \u00a0 \u00a0 41 \u00a0 \u00a0 \u00a0 \u00a0 \\n2 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\\n2048 \u00a0 \u00a0 \u00a0 49 \u00a0 \u00a0 \u00a0 \u00a0 14\\n\\n\\n\\n\\n\\n\\n\\n\\n\\nThis issue affects Junos OS on MX Series:\u00a0\\n\\n\\n\\n\\n  *  All versions before 21.2R3-S7,\u00a0\\n  *  from 21.4 before 21.4R3-S6,\u00a0\\n  *  from 22.1 before 22.1R3-S5,\u00a0\\n  *  from 22.2 before 22.2R3-S3,\u00a0\\n  *  from 22.3 before 22.3R3-S2,\u00a0\\n  *  from 22.4 before 22.4R3,\u00a0\\n  *  from 23.2 before 23.2R2,\u00a0\\n  *  from 23.4 before 23.4R2.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de falta de liberaci\u00f3n de memoria despu\u00e9s de la vida \u00fatil efectiva en el motor de reenv\u00edo de paquetes (PFE) del sistema operativo Junos de Juniper Networks en las plataformas de las series SRX5K, SRX4600 y MX con FPC basadas en Trio permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). En el caso de las tarjetas de interfaz modulares (MIC) canalizadas, cada operaci\u00f3n de oscilaci\u00f3n de la interfaz f\u00edsica perder\u00e1 memoria del mont\u00f3n. Con el paso del tiempo, las operaciones de oscilaci\u00f3n de la interfaz f\u00edsica continuas hacen que la FPC local se quede sin memoria y se bloquee. El siguiente comando CLI se puede utilizar para comprobar el uso de la memoria durante un per\u00edodo de tiempo: user@host\u0026gt; show housing fpc Temp CPU Utilization (%) CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interrupt 1min 5min 15min DRAM (MB) Heap Buffer 0 Online 43 41 2 2048 49 14 1 Online 43 41 2 2048 49 14 2 Online 43 41 2 2048 49 14 Este problema afecta a Junos OS en SRX5K, SRX4600 y MX Series: * Todas las versiones anteriores a 21.2R3-S7, * desde 21.4 hasta 21.4R3-S6, * desde 22.1 hasta 22.1R3-S5, * desde 22.2 hasta 22.2R3-S3, * desde 22.3 hasta 22.3R3-S2, * de 22.4 antes de 22.4R3, * de 23.2 antes de 23.2R2, * de 23.4 antes de 23.4R2.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:X/U:Green\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"NONE\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"YES\",\"recovery\":\"AUTOMATIC\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"GREEN\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"references\":[{\"url\":\"https://supportportal.juniper.net/\",\"source\":\"sirt@juniper.net\"},{\"url\":\"https://www.juniper.net/documentation/us/en/software/junos/interfaces-link-multilink/topics/topic-map/link-multilink-services-understanding.html#id-multilink-interfaces-on-channelized-mics-overview\",\"source\":\"sirt@juniper.net\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.