Описание
A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart.
This issue affects Junos OS:
All versions before 20.4R3-S9,
21.2 versions before 21.2R3-S5,
21.3 versions before 21.3R3-S5,
21.4 versions before 21.4R3-S4,
22.1 versions before 22.1R3-S2,
22.2 versions before 22.2R3-S2,
22.3 versions before 22.3R2-S2, 22.3R3,
22.4 versions before 22.4R2.
A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart.
This issue affects Junos OS:
All versions before 20.4R3-S9,
21.2 versions before 21.2R3-S5,
21.3 versions before 21.3R3-S5,
21.4 versions before 21.4R3-S4,
22.1 versions before 22.1R3-S2,
22.2 versions before 22.2R3-S2,
22.3 versions before 22.3R2-S2, 22.3R3,
22.4 versions before 22.4R2.
Ссылки
EPSS
7.1 High
CVSS4
6.5 Medium
CVSS3
CVE ID
Дефекты
Связанные уязвимости
A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart. This issue affects Junos OS: * All versions before 20.4R3-S9, * 21.2 versions before 21.2R3-S5, * 21.3 versions before 21.3R3-S5, * 21.4 versions before 21.4R3-S4, * 22.1 versions before 22.1R3-S2, * 22.2 versions before 22.2R3-S2, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2.
Уязвимость механизма пересылки пакетов Packet Forwarding Engine (PFE) операционной системы Juniper Networks Junos OS устройств серии ACX5448, ACX710, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.1 High
CVSS4
6.5 Medium
CVSS3