How severe is CVE-2024-47507?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2024-47507?

This is classified as CWE-754, which is a common weakness in software security.

CVE-2024-47507

MEDIUM Year: 2024

CVSS v3 Score

5.8

Medium

Weakness Type

CWE-754

View all →

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this. This issue affects: Junos OS: * All versions before 21.4R3-S6, * 22.2 versions before 22.2R3-S3, * 22.4 versions before 22.4R3; Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * 22.2 versions before 22.2R3-S4-EVO, * 22.4 versions before 22.4R3-EVO.

CVE-2021-0225

MEDIUM

CVSS:5.8(Medium)

An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinatio...

CWE-7542021

CVE-2024-39561

MEDIUM

CVSS:5.8(Medium)

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with ...

CWE-7542024

CVE-2021-33139

MEDIUM

CVSS:5.7(Medium)

Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of...

CWE-7542021

CVE-2018-7287

MEDIUM

CVSS:5.9(Medium)

An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop).

CWE-7542018

CVE-2018-7803

MEDIUM

CVSS:5.9(Medium)

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted pac...

CWE-7542018

CVE-2021-27568

MEDIUM

CVSS:5.9(Medium)

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatExceptio...

CWE-7542021

CVE-2024-47507

Vulnerability Description

Related Vulnerabilities

CVE-2021-0225

CVE-2024-39561

CVE-2021-33139

CVE-2018-7287

CVE-2018-7803

CVE-2021-27568