CVE-2024-47496 - Vulnerability Details

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00053.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Juniper	2x100ge \+ 4x10ge Mpc5e 2x100ge \+ 4x10ge Mpc5eq 2x100ge \+ 8x10ge Mpc4e 32x10ge Mpc4e 6x40ge \+ 24x10ge Mpc5e 6x40ge \+ 24x10ge Mpc5eq Junos Mpc1 Mpc1 Q Mpc1e Mpc1e Q Mpc2 Mpc2 Eq Mpc2 Q Mpc2e Mpc2e Eq Mpc2e Ng Mpc2e Ng Q Mpc2e P Mpc2e Q Mpc3e Mpc3e-3d-ng Mpc3e-3d-ng-q Mpc6e Mpc7e-10g Mpc7e-mrate Mpc8e Mpc9e Mx2008 Mx2010 Mx240 Mx480 Mx960
Juniper Networks	Junos Os

Configuration 1 [-]

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:21.4:-::::::
	cpe:2.3:o:juniper:junos:21.4:r1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r2::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r3::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s10::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s11::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s12::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s5::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s6::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s7::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s8::::::
	cpe:2.3:o:juniper:junos:22.2:-::::::
	cpe:2.3:o:juniper:junos:22.2:r1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r2::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:22.3:-::::::
	cpe:2.3:o:juniper:junos:22.3:r1::::::
	cpe:2.3:o:juniper:junos:22.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.3:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.3:r2::::::
	cpe:2.3:o:juniper:junos:22.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.3:r3::::::
	cpe:2.3:o:juniper:junos:22.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.3:r3-s2::::::
	cpe:2.3:o:juniper:junos:22.3:r3-s3::::::
	cpe:2.3:o:juniper:junos:22.4:-::::::
	cpe:2.3:o:juniper:junos:22.4:r1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r2::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r3::::::
	cpe:2.3:o:juniper:junos:22.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:23.2:-::::::
	cpe:2.3:o:juniper:junos:23.2:r1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:23.2:r2::::::
	cpe:2.3:o:juniper:junos:23.4:-::::::
	cpe:2.3:o:juniper:junos:23.4:r1::::::
	cpe:2.3:o:juniper:junos:23.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:23.4:r1-s2::::::

OR	cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5e:-:::::::*
	cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5eq:-:::::::*
	cpe:2.3:h:juniper:2x100ge_\+_8x10ge_mpc4e:-:::::::*
	cpe:2.3:h:juniper:32x10ge_mpc4e:-:::::::*
	cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5e:-:::::::*
	cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5eq:-:::::::*
	cpe:2.3:h:juniper:mpc1:-:::::::*
	cpe:2.3:h:juniper:mpc1_q:-:::::::*
	cpe:2.3:h:juniper:mpc1e:-:::::::*
	cpe:2.3:h:juniper:mpc1e_q:-:::::::*
	cpe:2.3:h:juniper:mpc2:-:::::::*
	cpe:2.3:h:juniper:mpc2_eq:-:::::::*
	cpe:2.3:h:juniper:mpc2_q:-:::::::*
	cpe:2.3:h:juniper:mpc2e:-:::::::*
	cpe:2.3:h:juniper:mpc2e_eq:-:::::::*
	cpe:2.3:h:juniper:mpc2e_ng:-:::::::*
	cpe:2.3:h:juniper:mpc2e_ng_q:-:::::::*
	cpe:2.3:h:juniper:mpc2e_p:-:::::::*
	cpe:2.3:h:juniper:mpc2e_q:-:::::::*
	cpe:2.3:h:juniper:mpc3e:-:::::::*
	cpe:2.3:h:juniper:mpc3e-3d-ng:-:::::::*
	cpe:2.3:h:juniper:mpc3e-3d-ng-q:-:::::::*
	cpe:2.3:h:juniper:mpc6e:-:::::::*
	cpe:2.3:h:juniper:mpc7e-10g:-:::::::*
	cpe:2.3:h:juniper:mpc7e-mrate:-:::::::*
	cpe:2.3:h:juniper:mpc8e:-:::::::*
	cpe:2.3:h:juniper:mpc9e:-:::::::*
	cpe:2.3:h:juniper:mx2008:-:::::::*
	cpe:2.3:h:juniper:mx2010:-:::::::*
	cpe:2.3:h:juniper:mx240:-:::::::*
	cpe:2.3:h:juniper:mx480:-:::::::*
	cpe:2.3:h:juniper:mx960:-:::::::*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Juniper Networks	Junos Os

References

Link	Providers
https://supportportal.juniper.net/

History

Mon, 26 Jan 2026 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Juniper 2x100ge \+ 4x10ge Mpc5e Juniper 2x100ge \+ 4x10ge Mpc5eq Juniper 2x100ge \+ 8x10ge Mpc4e Juniper 32x10ge Mpc4e Juniper 6x40ge \+ 24x10ge Mpc5e Juniper 6x40ge \+ 24x10ge Mpc5eq Juniper junos Juniper mpc1 Juniper mpc1 Q Juniper mpc1e Juniper mpc1e Q Juniper mpc2 Juniper mpc2 Eq Juniper mpc2 Q Juniper mpc2e Juniper mpc2e Eq Juniper mpc2e Ng Juniper mpc2e Ng Q Juniper mpc2e P Juniper mpc2e Q Juniper mpc3e Juniper mpc3e-3d-ng Juniper mpc3e-3d-ng-q Juniper mpc6e Juniper mpc7e-10g Juniper mpc7e-mrate Juniper mpc8e Juniper mpc9e Juniper mx2008 Juniper mx2010 Juniper mx240 Juniper mx480 Juniper mx960
CPEs		cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5e:-:::::::* cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5eq:-:::::::* cpe:2.3:h:juniper:2x100ge_\+_8x10ge_mpc4e:-:::::::* cpe:2.3:h:juniper:32x10ge_mpc4e:-:::::::* cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5e:-:::::::* cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5eq:-:::::::* cpe:2.3:h:juniper:mpc1:-:::::::* cpe:2.3:h:juniper:mpc1_q:-:::::::* cpe:2.3:h:juniper:mpc1e:-:::::::* cpe:2.3:h:juniper:mpc1e_q:-:::::::* cpe:2.3:h:juniper:mpc2:-:::::::* cpe:2.3:h:juniper:mpc2_eq:-:::::::* cpe:2.3:h:juniper:mpc2_q:-:::::::* cpe:2.3:h:juniper:mpc2e:-:::::::* cpe:2.3:h:juniper:mpc2e_eq:-:::::::* cpe:2.3:h:juniper:mpc2e_ng:-:::::::* cpe:2.3:h:juniper:mpc2e_ng_q:-:::::::* cpe:2.3:h:juniper:mpc2e_p:-:::::::* cpe:2.3:h:juniper:mpc2e_q:-:::::::* cpe:2.3:h:juniper:mpc3e-3d-ng-q:-:::::::* cpe:2.3:h:juniper:mpc3e-3d-ng:-:::::::* cpe:2.3:h:juniper:mpc3e:-:::::::* cpe:2.3:h:juniper:mpc6e:-:::::::* cpe:2.3:h:juniper:mpc7e-10g:-:::::::* cpe:2.3:h:juniper:mpc7e-mrate:-:::::::* cpe:2.3:h:juniper:mpc8e:-:::::::* cpe:2.3:h:juniper:mpc9e:-:::::::* cpe:2.3:h:juniper:mx2008:-:::::::* cpe:2.3:h:juniper:mx2010:-:::::::* cpe:2.3:h:juniper:mx240:-:::::::* cpe:2.3:h:juniper:mx480:-:::::::* cpe:2.3:h:juniper:mx960:-:::::::* cpe:2.3:o:juniper:junos:::::::: cpe:2.3:o:juniper:junos:21.4:-:::::: cpe:2.3:o:juniper:junos:21.4:r1-s1:::::: cpe:2.3:o:juniper:junos:21.4:r1-s2:::::: cpe:2.3:o:juniper:junos:21.4:r1:::::: cpe:2.3:o:juniper:junos:21.4:r2-s1:::::: cpe:2.3:o:juniper:junos:21.4:r2-s2:::::: cpe:2.3:o:juniper:junos:21.4:r2:::::: cpe:2.3:o:juniper:junos:21.4:r3-s10:::::: cpe:2.3:o:juniper:junos:21.4:r3-s11:::::: cpe:2.3:o:juniper:junos:21.4:r3-s12:::::: cpe:2.3:o:juniper:junos:21.4:r3-s1:::::: cpe:2.3:o:juniper:junos:21.4:r3-s2:::::: cpe:2.3:o:juniper:junos:21.4:r3-s3:::::: cpe:2.3:o:juniper:junos:21.4:r3-s4:::::: cpe:2.3:o:juniper:junos:21.4:r3-s5:::::: cpe:2.3:o:juniper:junos:21.4:r3-s6:::::: cpe:2.3:o:juniper:junos:21.4:r3-s7:::::: cpe:2.3:o:juniper:junos:21.4:r3-s8:::::: cpe:2.3:o:juniper:junos:21.4:r3:::::: cpe:2.3:o:juniper:junos:22.2:-:::::: cpe:2.3:o:juniper:junos:22.2:r1-s1:::::: cpe:2.3:o:juniper:junos:22.2:r1-s2:::::: cpe:2.3:o:juniper:junos:22.2:r1:::::: cpe:2.3:o:juniper:junos:22.2:r2-s1:::::: cpe:2.3:o:juniper:junos:22.2:r2-s2:::::: cpe:2.3:o:juniper:junos:22.2:r2:::::: cpe:2.3:o:juniper:junos:22.2:r3-s1:::::: cpe:2.3:o:juniper:junos:22.2:r3-s2:::::: cpe:2.3:o:juniper:junos:22.2:r3-s3:::::: cpe:2.3:o:juniper:junos:22.2:r3-s4:::::: cpe:2.3:o:juniper:junos:22.2:r3:::::: cpe:2.3:o:juniper:junos:22.3:-:::::: cpe:2.3:o:juniper:junos:22.3:r1-s1:::::: cpe:2.3:o:juniper:junos:22.3:r1-s2:::::: cpe:2.3:o:juniper:junos:22.3:r1:::::: cpe:2.3:o:juniper:junos:22.3:r2-s1:::::: cpe:2.3:o:juniper:junos:22.3:r2-s2:::::: cpe:2.3:o:juniper:junos:22.3:r2:::::: cpe:2.3:o:juniper:junos:22.3:r3-s1:::::: cpe:2.3:o:juniper:junos:22.3:r3-s2:::::: cpe:2.3:o:juniper:junos:22.3:r3-s3:::::: cpe:2.3:o:juniper:junos:22.3:r3:::::: cpe:2.3:o:juniper:junos:22.4:-:::::: cpe:2.3:o:juniper:junos:22.4:r1-s1:::::: cpe:2.3:o:juniper:junos:22.4:r1-s2:::::: cpe:2.3:o:juniper:junos:22.4:r1:::::: cpe:2.3:o:juniper:junos:22.4:r2-s1:::::: cpe:2.3:o:juniper:junos:22.4:r2-s2:::::: cpe:2.3:o:juniper:junos:22.4:r2:::::: cpe:2.3:o:juniper:junos:22.4:r3-s1:::::: cpe:2.3:o:juniper:junos:22.4:r3:::::: cpe:2.3:o:juniper:junos:23.2:-:::::: cpe:2.3:o:juniper:junos:23.2:r1-s1:::::: cpe:2.3:o:juniper:junos:23.2:r1-s2:::::: cpe:2.3:o:juniper:junos:23.2:r1:::::: cpe:2.3:o:juniper:junos:23.2:r2:::::: cpe:2.3:o:juniper:junos:23.4:-:::::: cpe:2.3:o:juniper:junos:23.4:r1-s1:::::: cpe:2.3:o:juniper:junos:23.4:r1-s2:::::: cpe:2.3:o:juniper:junos:23.4:r1::::::
Vendors & Products		Juniper Juniper 2x100ge \+ 4x10ge Mpc5e Juniper 2x100ge \+ 4x10ge Mpc5eq Juniper 2x100ge \+ 8x10ge Mpc4e Juniper 32x10ge Mpc4e Juniper 6x40ge \+ 24x10ge Mpc5e Juniper 6x40ge \+ 24x10ge Mpc5eq Juniper junos Juniper mpc1 Juniper mpc1 Q Juniper mpc1e Juniper mpc1e Q Juniper mpc2 Juniper mpc2 Eq Juniper mpc2 Q Juniper mpc2e Juniper mpc2e Eq Juniper mpc2e Ng Juniper mpc2e Ng Q Juniper mpc2e P Juniper mpc2e Q Juniper mpc3e Juniper mpc3e-3d-ng Juniper mpc3e-3d-ng-q Juniper mpc6e Juniper mpc7e-10g Juniper mpc7e-mrate Juniper mpc8e Juniper mpc9e Juniper mx2008 Juniper mx2010 Juniper mx240 Juniper mx480 Juniper mx960

Fri, 11 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 11 Oct 2024 15:45:00 +0000

Type	Values Removed	Values Added
Description		A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2.
Title		Junos OS: MX Series: The PFE will crash on running specific command
Weaknesses		CWE-476
References		https://supportportal.juniper.net/
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` cvssV4_0 `{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:A'}`

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-10-11T15:28:13.727Z

Updated: 2024-10-11T17:42:39.299Z

Reserved: 2024-09-25T15:26:52.609Z

Link: CVE-2024-47496

Vulnrichment

Updated: 2024-10-11T17:42:35.236Z

NVD

Status : Analyzed

Published: 2024-10-11T16:15:10.080

Modified: 2026-01-26T18:19:15.840

Link: CVE-2024-47496

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:23:34Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object