Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0836
Vulnerability from certfr_avis - Published: 2023-10-12 - Updated: 2023-10-12
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS séries QFX5000 versions antérieures à 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1 | ||
| Juniper Networks | Junos OS | Junos OS sur les séries MX versions antérieures à 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S8-EVO, 21.1R3-S2-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S3-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 20.2R3-S6, 20.3R3-S5, 20.4R3-S9, 21.1R3-S5, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R2-S2, 22.2R3-S2, 22.3R1-S2, 22.3R2-S2, 22.3R3-S1, 22.4R1-S2, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R2, 23.3R1, |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS s\u00e9ries QFX5000 versions ant\u00e9rieures \u00e0 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur les s\u00e9ries MX versions ant\u00e9rieures \u00e0 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S8-EVO, 21.1R3-S2-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S3-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.2R3-S6, 20.3R3-S5, 20.4R3-S9, 21.1R3-S5, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R2-S2, 22.2R3-S2, 22.3R1-S2, 22.3R2-S2, 22.3R3-S1, 22.4R1-S2, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R2, 23.3R1,",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-44199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44199"
},
{
"name": "CVE-2023-36839",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36839"
},
{
"name": "CVE-2023-44184",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44184"
},
{
"name": "CVE-2023-44195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44195"
},
{
"name": "CVE-2023-44177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44177"
},
{
"name": "CVE-2023-44201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44201"
},
{
"name": "CVE-2023-44193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44193"
},
{
"name": "CVE-2023-44175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44175"
},
{
"name": "CVE-2023-44197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44197"
},
{
"name": "CVE-2023-44202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44202"
},
{
"name": "CVE-2023-36841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36841"
},
{
"name": "CVE-2023-44187",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44187"
},
{
"name": "CVE-2023-26551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26551"
},
{
"name": "CVE-2023-44186",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44186"
},
{
"name": "CVE-2023-44194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44194"
},
{
"name": "CVE-2023-22392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22392"
},
{
"name": "CVE-2023-26555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26555"
},
{
"name": "CVE-2023-36843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36843"
},
{
"name": "CVE-2023-44182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44182"
},
{
"name": "CVE-2023-44183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44183"
},
{
"name": "CVE-2023-26552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26552"
},
{
"name": "CVE-2023-44204",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44204"
},
{
"name": "CVE-2022-2274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
},
{
"name": "CVE-2023-44196",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44196"
},
{
"name": "CVE-2023-44189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44189"
},
{
"name": "CVE-2023-44198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44198"
},
{
"name": "CVE-2023-26554",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26554"
},
{
"name": "CVE-2023-44203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44203"
},
{
"name": "CVE-2023-44178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44178"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2023-44192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44192"
},
{
"name": "CVE-2023-44181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44181"
},
{
"name": "CVE-2023-26553",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26553"
},
{
"name": "CVE-2023-44191",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44191"
},
{
"name": "CVE-2023-44188",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44188"
},
{
"name": "CVE-2023-44190",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44190"
},
{
"name": "CVE-2023-44176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44176"
},
{
"name": "CVE-2023-44185",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44185"
}
],
"initial_release_date": "2023-10-12T00:00:00",
"last_revision_date": "2023-10-12T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0836",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-10-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73141 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-genuine-PIM-packet-causes-RPD-crash-CVE-2023-44175"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73160 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44195"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73146 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-scenario-RPD-crashes-upon-receiving-and-processing-a-specific-malformed-ISO-VPN--BGP-UPDATE-packet-CVE-2023-44185"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73169 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-series-EX2300-EX3400-EX4100-EX4400-and-EX4600-Packet-flooding-will-occur-when-IGMP-traffic-is-sent-to-an-isolated-VLAN-CVE-2023-44203"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73164 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-SIP-ALG-doesn-t-drop-specifically-malformed-retransmitted-SIP-packets-CVE-2023-44198"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73168 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-packets-will-bypass-a-control-plane-firewall-filter-CVE-2023-44202"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73167 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-local-attacker-can-retrieve-sensitive-information-and-elevate-privileges-on-the-devices-to-an-authorized-user-CVE-2023-44201"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73153 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-MAC-address-validation-bypass-vulnerability-CVE-2023-44189"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73149 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-Unchecked-Return-Value-in-multiple-users-interfaces-affects-confidentiality-and-integrity-of-device-operations-CVE-2023-44182"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73140 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-Vulnerabilities-in-CLI-command"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73172 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-Receipt-of-malformed-TCP-traffic-will-cause-a-Denial-of-Service-CVE-2023-36841"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73162 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44196"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73165 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-In-a-PTP-scenario-a-prolonged-routing-protocol-churn-can-trigger-an-FPC-reboot-CVE-2023-44199"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73152 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-jkdsd-crash-due-to-multiple-telemetry-requests-CVE-2023-44188"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73157 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-An-FPC-crash-is-observed-when-CFM-is-enabled-in-a-VPLS-scenario-and-a-specific-LDP-related-command-is-run-CVE-2023-44193"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73154 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10001-PTX10004-PTX10008-PTX10016-MAC-address-validation-bypass-vulnerability-CVE-2023-44190"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73170 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-will-crash-upon-receiving-a-malformed-BGP-UPDATE-message-CVE-2023-44204"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73150 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-when-attempting-to-send-a-very-long-AS-PATH-to-a-non-4-byte-AS-capable-BGP-neighbor-CVE-2023-44186"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73171 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-l2cpd-crash-will-occur-when-specific-LLDP-packets-are-received-CVE-2023-36839"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73145 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5k-l2-loop-in-the-overlay-impacts-the-stability-in-a-EVPN-VXLAN-environment-CVE-2023-44181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73174 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-The-PFE-will-crash-on-receiving-malformed-SSL-traffic-when-ATP-is-enabled-CVE-2023-36843"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73530 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73176 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Vulnerability-fixed-in-OpenSSL"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73156 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-DMA-memory-leak-is-observed-when-specific-DHCP-packets-are-transmitted-over-pseudo-VTEP-CVE-2023-44192"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73148 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-EX4600-Series-In-a-VxLAN-scenario-an-adjacent-attacker-within-the-VxLAN-sending-genuine-packets-may-cause-a-DMA-memory-leak-to-occur-CVE-2023-44183"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73147 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-High-CPU-load-due-to-specific-NETCONF-command-CVE-2023-44184"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73151 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-file-copy-CLI-command-can-disclose-password-to-shell-users-CVE-2023-44187"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73177 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-NTP-vulnerabilities-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73163 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-may-occur-when-BGP-is-processing-newly-learned-routes-CVE-2023-44197"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73155 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4000-Series-Denial-of-Service-DoS-on-a-large-scale-VLAN-due-to-PFE-hogging-CVE-2023-44191"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA73158 du 11 octobre 2023",
"url": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-An-unauthenticated-attacker-with-local-access-to-the-device-can-create-a-backdoor-with-root-privileges-CVE-2023-44194"
}
]
}
CVE-2023-44186 (GCVE-0-2023-44186)
Vulnerability from cvelistv5 – Published: 2023-10-11 20:08 – Updated: 2024-12-03 14:49
VLAI
EPSS
Title
Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor
Summary
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition.
This issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor.
Note: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.
This issue affects:
Juniper Networks Junos OS:
* All versions prior to 20.4R3-S8;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S5;
* 22.1 versions prior to 22.1R3-S4;
* 22.2 versions prior to 22.2R3-S2;
* 22.3 versions prior to 22.3R2-S2, 22.3R3-S1;
* 22.4 versions prior to 22.4R2-S1, 22.4R3.
Juniper Networks Junos OS Evolved
* All versions prior to 20.4R3-S8-EVO;
* 21.1 versions 21.1R1-EVO and later;
* 21.2 versions prior to 21.2R3-S6-EVO;
* 21.3 versions prior to 21.3R3-S5-EVO;
* 21.4 versions prior to 21.4R3-S5-EVO;
* 22.1 versions prior to 22.1R3-S4-EVO;
* 22.2 versions prior to 22.2R3-S2-EVO;
* 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;
* 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-755 - Improper Handling of Exceptional Conditions
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73150 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 20.4R3-S8
(semver)
Affected: 21.1R1 , < 21.1* (semver) Affected: 21.2 , < 21.2R3-S6 (semver) Affected: 21.3 , < 21.3R3-S5 (semver) Affected: 21.4 , < 21.4R3-S5 (semver) Affected: 22.1 , < 22.1R3-S4 (semver) Affected: 22.2 , < 22.2R3-S2 (semver) Affected: 22.3 , < 22.3R2-S2, 22.3R3-S1 (semver) Affected: 22.4 , < 22.4R2-S1, 22.4R3 (semver) |
|
| Juniper Networks | Junos OS Evolved |
Affected:
0 , < 20.4R3-S8-EVO
(semver)
Affected: 21.1 , < 21.1*-EVO (semver) Affected: 21.2 , < 21.2R3-S6-EVO (semver) Affected: 21.3 , < 21.3R3-S5-EVO (semver) Affected: 21.4 , < 21.4R3-S5-EVO (semver) Affected: 22.1 , < 22.1R3-S4-EVO (semver) Affected: 22.2 , < 22.2R3-S2-EVO (semver) Affected: 22.3 , < 22.3R2-S2-EVO, 22.3R3-S1-EVO (semver) Affected: 22.4 , < 22.4R2-S1-EVO, 22.4R3-EVO (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73150"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T16:45:50.764805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T14:49:41.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MX Series",
"PTX Series",
"ACX Series",
"EX Series",
"QFX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1*",
"status": "affected",
"version": "21.1R1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S6",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S5",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S4",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S2",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2, 22.3R3-S1",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-S1, 22.4R3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"PTX Series",
"ACX Series",
"QFX Series"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1*-EVO",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S6-EVO",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5-EVO",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S5-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S4-EVO",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S2-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2-EVO, 22.3R3-S1-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-S1-EVO, 22.4R3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNonstop Active Routing is enabled using the following configuration:\u003c/p\u003e \u003ctt\u003e[edit chassis redundancy]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003egraceful-switchover;\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003e\u003cbr\u003e[edit routing-options]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003enonstop-routing;\u003c/tt\u003e"
}
],
"value": "Nonstop Active Routing is enabled using the following configuration:\n\n [edit chassis redundancy]\ngraceful-switchover;\n\n[edit routing-options]\nnonstop-routing;"
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition.\u003c/p\u003e\u003cp\u003eThis issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor.\u003c/p\u003eNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S8;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1 and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S5;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S2;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2, 22.3R3-S1;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1, 22.4R3.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS Evolved\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S8-EVO;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1-EVO and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6-EVO;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5-EVO;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S5-EVO;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S2-EVO;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition.\n\nThis issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a BGP update message with a prefix that includes a long AS PATH containing large number of 4-byte ASes, and has to advertise the prefix towards the non-4-byte-AS capable BGP neighbor.\n\nNote: NSR is not supported on the SRX Series and is therefore not affected by this vulnerability.\nThis issue affects:\n\nJuniper Networks Junos OS:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3-S2;\n * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1;\n * 22.4 versions prior to 22.4R2-S1, 22.4R3.\n\n\n\n\nJuniper Networks Junos OS Evolved\n\n\n\n * All versions prior to 20.4R3-S8-EVO;\n * 21.1 versions 21.1R1-EVO and later;\n * 21.2 versions prior to 21.2R3-S6-EVO;\n * 21.3 versions prior to 21.3R3-S5-EVO;\n * 21.4 versions prior to 21.4R3-S5-EVO;\n * 22.1 versions prior to 22.1R3-S4-EVO;\n * 22.2 versions prior to 22.2R3-S2-EVO;\n * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-05T23:07:57.356Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73150"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: \u003c/p\u003e\u003cp\u003eJunos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S2, 22.3R3-S1, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.\u003c/p\u003e\u003cp\u003eJunos OS Evolved: 20.4R3-S8-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S2, 22.3R3-S1, 22.4R2-S1, 22.4R3, 23.2R1, and all subsequent releases.\n\nJunos OS Evolved: 20.4R3-S8-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73150",
"defect": [
"1736029"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2023-10-16T16:00:00.000Z",
"value": "Added specific platforms affected and unaffected"
},
{
"lang": "en",
"time": "2024-03-05T17:00:00.000Z",
"value": "Updated affected/fixed releases to convey that 23.2R1 and all subsequent releases are fixed."
}
],
"title": "Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor",
"workarounds": [
{
"lang": "en",
"value": "Current operational and security best practices, such as limiting the AS PATH length, should mitigate risk of this issue.\n\nBelow is an example configuration to limit AS PATH to 30 entries:\n\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 from protocol bgp\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 from as-path 31as\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 term more-than-30 then reject\nset groups BASE-POLICY policy-options policy-statement MaxAS-Limit-30 then accept\nset groups BASE-POLICY policy-options policy-statement Customer-IN term MaxAS-Limit from policy MaxAS-Limit-30\nset groups BASE-BGP protocols bgp group \u003c*-CUSTOMER\u003e import Customer-IN\nset groups BASE-PREFIX-LISTS policy-options as-path 31as \".{31,}\""
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44186",
"datePublished": "2023-10-11T20:08:26.308Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-12-03T14:49:41.755Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44187 (GCVE-0-2023-44187)
Vulnerability from cvelistv5 – Published: 2023-10-11 20:37 – Updated: 2024-09-18 14:36
VLAI
EPSS
Title
Junos OS Evolved: 'file copy' CLI command can disclose password to shell users
Summary
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system.
This issue affects Juniper Networks Junos OS Evolved:
* All versions prior to 20.4R3-S7-EVO;
* 21.1 versions 21.1R1-EVO and later;
* 21.2 versions prior to 21.2R3-S5-EVO;
* 21.3 versions prior to 21.3R3-S4-EVO;
* 21.4 versions prior to 21.4R3-S4-EVO;
* 22.1 versions prior to 22.1R3-S2-EVO;
* 22.2 versions prior to 22.2R2-EVO.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73151 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Affected:
0 , < 20.4R3-S7-EVO
(semver)
Affected: 21.1R1 , < 21.1* (semver) Affected: 21.2 , < 21.2R3-S5-EVO (semver) Affected: 21.3 , < 21.3R3-S4-EVO (semver) Affected: 21.4 , < 21.4R3-S4-EVO (semver) Affected: 22.1 , < 22.1R3-S2-EVO (semver) Affected: 22.2 , < 22.2R2-EVO (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73151"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:36:15.878708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T14:36:44.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S7-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1*",
"status": "affected",
"version": "21.1R1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S5-EVO",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S4-EVO",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S4-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S2-EVO",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R2-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Exposure of Sensitive Information vulnerability in the \u0027file copy\u0027 command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system.\u003cbr\u003e\u003cbr\u003eThis issue affects Juniper Networks Junos OS Evolved:\u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S7-EVO;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1-EVO and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S5-EVO;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S4-EVO;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S2-EVO;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "An Exposure of Sensitive Information vulnerability in the \u0027file copy\u0027 command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system.\n\nThis issue affects Juniper Networks Junos OS Evolved:\n * All versions prior to 20.4R3-S7-EVO;\n * 21.1 versions 21.1R1-EVO and later;\n * 21.2 versions prior to 21.2R3-S5-EVO;\n * 21.3 versions prior to 21.3R3-S4-EVO;\n * 21.4 versions prior to 21.4R3-S4-EVO;\n * 22.1 versions prior to 22.1R3-S2-EVO;\n * 22.2 versions prior to 22.2R2-EVO.\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T21:09:50.294Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73151"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S7-EVO, 21.2R3-S5-EVO, 21.3R3-S4-EVO, 21.4R3-S4-EVO, 22.1R3-S2-EVO, 22.2R2-EVO, 22.3R1-EVO, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S7-EVO, 21.2R3-S5-EVO, 21.3R3-S4-EVO, 21.4R3-S4-EVO, 22.1R3-S2-EVO, 22.2R2-EVO, 22.3R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73151",
"defect": [
"1639609"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS Evolved: \u0027file copy\u0027 CLI command can disclose password to shell users",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRestrict Junos OS Evolved shell access to trusted users only.\u003c/p\u003e\u003cp\u003eAvoid or disallow the use of the \u0027file copy\u0027 command.\u003c/p\u003e"
}
],
"value": "Restrict Junos OS Evolved shell access to trusted users only.\n\nAvoid or disallow the use of the \u0027file copy\u0027 command.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44187",
"datePublished": "2023-10-11T20:37:23.379Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-09-18T14:36:44.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44188 (GCVE-0-2023-44188)
Vulnerability from cvelistv5 – Published: 2023-10-11 20:55 – Updated: 2024-08-02 19:59
VLAI
EPSS
Title
Junos OS: jkdsd crash due to multiple telemetry requests
Summary
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receipt and processing of telemetry requests will repeatedly crash the jkdsd process and sustain the Denial of Service (DoS) condition.
This issue is seen on all Junos platforms. The crash is triggered when multiple telemetry requests come from different collectors. As the load increases, the Dynamic Rendering Daemon (drend) decides to defer processing and continue later, which results in a timing issue accessing stale memory, causing the jkdsd process to crash and restart.
Note: jkdsd is not shipped with SRX Series devices and therefore are not affected by this vulnerability.
This issue affects:
Juniper Networks Junos OS:
* 20.4 versions prior to 20.4R3-S9;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S5;
* 22.1 versions prior to 22.1R3-S4;
* 22.2 versions prior to 22.2R3-S2;
* 22.3 versions prior to 22.3R2-S1, 22.3R3-S1;
* 22.4 versions prior to 22.4R2-S2, 22.4R3;
* 23.1 versions prior to 23.1R2.
This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.
Severity
5.3 (Medium)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73152 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Unaffected:
0 , < 19.4R1
(semver)
Affected: 20.4 , < 20.4R3-S9 (semver) Affected: 21.1R1 , < 21.1* (semver) Affected: 21.2 , < 21.2R3-S6 (semver) Affected: 21.3 , < 21.3R3-S5 (semver) Affected: 21.4 , < 21.4R3-S5 (semver) Affected: 22.1 , < 22.1R3-S4 (semver) Affected: 22.2 , < 22.2R3-S2 (semver) Affected: 22.3 , < 22.3R2-S1, 22.3R3-S1 (semver) Affected: 22.4 , < 22.4R2-S2, 22.4R3 (semver) Affected: 23.1 , < 23.1R2 (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"NFX Series",
"EX Series",
"QFX Series",
"ACX Series",
"MX Series",
"PTX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.4R1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "20.4R3-S9",
"status": "affected",
"version": "20.4",
"versionType": "semver"
},
{
"lessThan": "21.1*",
"status": "affected",
"version": "21.1R1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S6",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S5",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S4",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S2",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S1, 22.3R3-S1",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-S2, 22.4R3",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.1R2",
"status": "affected",
"version": "23.1",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eA Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receipt and processing of telemetry requests will repeatedly crash the jkdsd process and sustain the Denial of Service (DoS) condition.\u003c/p\u003e\u003cp\u003eThis issue is seen on all Junos platforms. The crash is triggered when multiple telemetry requests come from different collectors. As the load increases, the Dynamic Rendering Daemon (drend) decides to defer processing and continue later, which results in a timing issue accessing stale memory, causing the jkdsd process to crash and restart.\u003c/p\u003eNote: jkdsd is not shipped with SRX Series devices and therefore are not affected by this vulnerability.\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e20.4 versions prior to 20.4R3-S9;\u003c/li\u003e\u003cli\u003e21.1 versions 21.1R1 and later;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S5;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S2;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S1, 22.3R3-S1;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S2, 22.4R3;\u003c/li\u003e\u003cli\u003e23.1 versions prior to 23.1R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.\u003c/p\u003e\n\n"
}
],
"value": "\nA Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receipt and processing of telemetry requests will repeatedly crash the jkdsd process and sustain the Denial of Service (DoS) condition.\n\nThis issue is seen on all Junos platforms. The crash is triggered when multiple telemetry requests come from different collectors. As the load increases, the Dynamic Rendering Daemon (drend) decides to defer processing and continue later, which results in a timing issue accessing stale memory, causing the jkdsd process to crash and restart.\n\nNote: jkdsd is not shipped with SRX Series devices and therefore are not affected by this vulnerability.\nThis issue affects:\n\nJuniper Networks Junos OS:\n\n\n\n * 20.4 versions prior to 20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3-S2;\n * 22.3 versions prior to 22.3R2-S1, 22.3R3-S1;\n * 22.4 versions prior to 22.4R2-S2, 22.4R3;\n * 23.1 versions prior to 23.1R2.\n\n\n\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-21T22:14:07.585Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73152"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S9, 21.2R3-S6, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S1, 22.3R2-S2, 22.3R3-S1, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S9, 21.2R3-S6, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R2-S1, 22.3R2-S2, 22.3R3-S1, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73152",
"defect": [
"1734718"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
},
{
"lang": "en",
"time": "2023-10-25T16:00:00.000Z",
"value": "SRX Series devices are not vulnerable to this issue"
},
{
"lang": "en",
"time": "2024-02-21T20:00:00.000Z",
"value": "Junos OS 23.2 unaffected (fixed in R1)"
}
],
"title": "Junos OS: jkdsd crash due to multiple telemetry requests",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44188",
"datePublished": "2023-10-11T20:55:03.190Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-08-02T19:59:51.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44189 (GCVE-0-2023-44189)
Vulnerability from cvelistv5 – Published: 2023-10-11 21:00 – Updated: 2024-09-18 14:34
VLAI
EPSS
Title
Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability
Summary
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.
This issue affects Juniper Networks Junos OS Evolved on PTX10003 Series:
* All versions prior to 21.4R3-S4-EVO;
* 22.1 versions prior to 22.1R3-S3-EVO;
* 22.2 version 22.2R1-EVO and later versions;
* 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;
* 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;
* 23.2 versions prior to 23.2R2-EVO.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-346 - Origin Validation Error
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73153 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Affected:
0 , < 21.4R3-S4-EVO
(semver)
Affected: 22.1 , < 22.1R3-S3-EVO (semver) Affected: 22.2R1-EVO , < 22.2*-EVO (semver) Affected: 22.3 , < 22.3R2-S2-EVO, 22.3R3-S1-EVO (semver) Affected: 22.4 , < 22.4R2-S1-EVO, 22.4R3-EVO (semver) Affected: 23.2 , < 23.2R2-EVO (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73153"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:34:36.367068Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T14:34:40.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"PTX10003 Series"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R3-S4-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S3-EVO",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2*-EVO",
"status": "affected",
"version": "22.2R1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2-EVO, 22.3R3-S1-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-S1-EVO, 22.4R3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNo specific configuration is required.\u003c/p\u003e"
}
],
"value": "No specific configuration is required.\n\n"
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\u003c/p\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS Evolved on PTX10003 Series:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 21.4R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S3-EVO;\u003c/li\u003e\u003cli\u003e22.2 version 22.2R1-EVO and later versions;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\u003c/li\u003e\u003cli\u003e23.2 versions prior to 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\n\nThis issue affects Juniper Networks Junos OS Evolved on PTX10003 Series:\n\n\n\n * All versions prior to 21.4R3-S4-EVO;\n * 22.1 versions prior to 22.1R3-S3-EVO;\n * 22.2 version 22.2R1-EVO and later versions;\n * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\n * 23.2 versions prior to 23.2R2-EVO.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T21:10:46.791Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73153"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.4R3-S4-EVO, 22.1R3-S3-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.4R3-S4-EVO, 22.1R3-S3-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73153",
"defect": [
"1732283"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44189",
"datePublished": "2023-10-11T21:00:54.637Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-09-18T14:34:40.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44190 (GCVE-0-2023-44190)
Vulnerability from cvelistv5 – Published: 2023-10-11 21:04 – Updated: 2024-09-18 14:32
VLAI
EPSS
Title
Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability
Summary
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.
This issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016:
* All versions prior to 21.4R3-S5-EVO;
* 22.1 versions prior to 22.1R3-S4-EVO;
* 22.2 versions 22.2R1-EVO and later;
* 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;
* 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;
* 23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-346 - Origin Validation Error
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73154 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Affected:
0 , < 21.4R3-S5-EVO
(semver)
Affected: 22.1 , < 22.1R3-S4-EVO (semver) Affected: 22.2R1-EVO , < 22.2*-EVO (semver) Affected: 22.3 , < 22.3R2-S2-EVO, 22.3R3-S1-EVO (semver) Affected: 22.4 , < 22.4R2-S1-EVO, 22.4R3-EVO (semver) Affected: 23.2 , < 23.2R1-S1-EVO, 23.2R2-EVO (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73154"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:32:10.891227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T14:32:43.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"PTX10001",
"PTX10004",
"PTX10008",
"PTX10016"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.4R3-S5-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S4-EVO",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2*-EVO",
"status": "affected",
"version": "22.2R1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2-EVO, 22.3R3-S1-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-S1-EVO, 22.4R3-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R1-S1-EVO, 23.2R2-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eNo specific configuration is required.\u003c/p\u003e"
}
],
"value": "No specific configuration is required.\n\n"
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\u003c/p\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 21.4R3-S5-EVO;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.2 versions 22.2R1-EVO and later;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\u003c/li\u003e\u003cli\u003e23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.\n\nThis issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016:\n\n\n\n * All versions prior to 21.4R3-S5-EVO;\n * 22.1 versions prior to 22.1R3-S4-EVO;\n * 22.2 versions 22.2R1-EVO and later;\n * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO;\n * 23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T21:11:10.663Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73154"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73154",
"defect": [
"1735224"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44190",
"datePublished": "2023-10-11T21:04:01.884Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-09-18T14:32:43.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44191 (GCVE-0-2023-44191)
Vulnerability from cvelistv5 – Published: 2023-10-12 23:03 – Updated: 2024-09-19 14:14
VLAI
EPSS
Title
Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging
Summary
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).
On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.
This issue affects:
Juniper Networks Junos OS on QFX5000 Series and EX4000 Series
* 21.1 versions prior to 21.1R3-S5;
* 21.2 versions prior to 21.2R3-S5;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S4;
* 22.1 versions prior to 22.1R3-S3;
* 22.2 versions prior to 22.2R3-S1;
* 22.3 versions prior to 22.3R2-S2, 22.3R3;
* 22.4 versions prior to 22.4R2.
This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73155 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Unaffected:
0 , < 21.1R1
(semver)
Affected: 21.1 , < 21.1R3-S5 (semver) Affected: 21.2 , < 21.2R3-S5 (semver) Affected: 21.3 , < 21.3R3-S5 (semver) Affected: 21.4 , < 21.4R3-S4 (semver) Affected: 22.1 , < 22.1R3-S3 (semver) Affected: 22.2 , < 22.2R3-S1 (semver) Affected: 22.3 , < 22.3R2-S2, 22.3R3 (semver) Affected: 22.4 , < 22.4R2 (semver) |
|
| juniper_networks | junos_os |
Affected:
0 , < 21.1r1
(semver)
Affected: 21.1 , < 21.1r3-s5 (semver) Affected: 21.2 , < 21.2r3-s5 (semver) Affected: 21.3 , < 21.3r3-s5 (semver) Affected: 21.4 , < 21.4r3-s4 (semver) Affected: 22.1 , < ss.1r3-s3 (semver) Affected: 22.2 , < 22.2r3-s1 (semver) Affected: 22.3 , < 22.3r2-s2 (semver) Affected: 22.4 , < 22.4r2 (semver) cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:* |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73155"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "junos_os",
"vendor": "juniper_networks",
"versions": [
{
"lessThan": "21.1r1",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1r3-s5",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2r3-s5",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3r3-s5",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4r3-s4",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "ss.1r3-s3",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2r3-s1",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3r2-s2",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4r2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:10:10.810352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:14:17.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"QFX5000 Series",
"EX4000 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.1R1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1R3-S5",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S5",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S4",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S3",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S1",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2, 22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eOn all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS on QFX5000 Series and EX4000 Series\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.1 versions prior to 21.1R3-S5;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S5;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S4;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S3;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S1;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2, 22.3R3;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue does not affect Juniper Networks Junos OS versions prior to 21.1R1\u003c/p\u003e\n\n"
}
],
"value": "\nAn Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).\n\nOn all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.\n\nThis issue affects:\n\nJuniper Networks Junos OS on QFX5000 Series and EX4000 Series\n\n\n\n * 21.1 versions prior to 21.1R3-S5;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S4;\n * 22.1 versions prior to 22.1R3-S3;\n * 22.2 versions prior to 22.2R3-S1;\n * 22.3 versions prior to 22.3R2-S2, 22.3R3;\n * 22.4 versions prior to 22.4R2.\n\n\n\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 21.1R1\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-12T23:03:20.746Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73155"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2, 23.2R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2, 23.2R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73155",
"defect": [
"1711644"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44191",
"datePublished": "2023-10-12T23:03:20.746Z",
"dateReserved": "2023-09-26T19:30:27.953Z",
"dateUpdated": "2024-09-19T14:14:17.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44192 (GCVE-0-2023-44192)
Vulnerability from cvelistv5 – Published: 2023-10-12 23:03 – Updated: 2024-09-18 14:21
VLAI
EPSS
Title
Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP
Summary
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).
On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.
To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs.
This issue affects:
Juniper Networks Junos OS QFX5000 Series:
* All versions prior to 20.4R3-S6;
* 21.1 versions prior to 21.1R3-S5;
* 21.2 versions prior to 21.2R3-S5;
* 21.3 versions prior to 21.3R3-S4;
* 21.4 versions prior to 21.4R3-S3;
* 22.1 versions prior to 22.1R3-S2;
* 22.2 versions prior to 22.2R2-S2, 22.2R3;
* 22.3 versions prior to 22.3R2-S1, 22.3R3;
* 22.4 versions prior to 22.4R1-S2, 22.4R2.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73156 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 20.4R3-S6
(semver)
Affected: 21.1 , < 21.1R3-S5 (semver) Affected: 21.2 , < 21.2R3-S5 (semver) Affected: 21.3 , < 21.3R3-S4 (semver) Affected: 21.4 , < 21.4R3-S3 (semver) Affected: 22.1 , < 22.1R3-S2 (semver) Affected: 22.2 , < 22.2R2-S2, 22.2R3 (semver) Affected: 22.3 , < 22.3R2-S1, 22.3R3 (semver) Affected: 22.4 , < 22.4R1-S2, 22.4R2 (semver) |
|
| juniper_networks | junos_os |
Affected:
0 , < 20.4r3-s6
(semver)
Affected: 21.1 , < 21.1r3-s5 (semver) Affected: 21.2 , < 21.2r3-s5 (semver) Affected: 21.3 , < 21.3r3-s4 (semver) Affected: 21.4 , < 21.4r3-s3 (semver) Affected: 22.1 , < 22.1r3-s2 (semver) Affected: 22.2 , < 22.2r2-s2 (semver) Affected: 22.2 , < 22.2r3 (semver) Affected: 22.3 , < 22.3r2-s1 (custom) Affected: 22.3 , < 22..3r3 (custom) Affected: 22.4 , < 22.4r2-s2 (custom) Affected: 22.4 , < 22.4r2 (custom) cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:* |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73156"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "junos_os",
"vendor": "juniper_networks",
"versions": [
{
"lessThan": "20.4r3-s6",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1r3-s5",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2r3-s5",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3r3-s4",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4r3-s3",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1r3-s2",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2r2-s2",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.2r3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3r2-s1",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22..3r3",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.4r2-s2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
},
{
"lessThan": "22.4r2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:03:43.315994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T14:21:02.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"QFX5000 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S6",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1R3-S5",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S5",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S4",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S3",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S2",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R2-S2, 22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S1, 22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R1-S2, 22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor this issue to surface, shared tunnels need to be configured under EVPN-VXLAN scenario.\u003c/p\u003e\u003ctt\u003e[ forwarding-options evpn-vxlan shared-tunnels ]\u003c/tt\u003e"
}
],
"value": "For this issue to surface, shared tunnels need to be configured under EVPN-VXLAN scenario.\n\n[ forwarding-options evpn-vxlan shared-tunnels ]"
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eOn all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.\u003c/p\u003e\u003cp\u003eTo confirm the memory leak, monitor for \"sheaf:possible leak\" and \"vtep not found\" messages in the logs.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS QFX5000 Series:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S6;\u003c/li\u003e\u003cli\u003e21.1 versions prior to 21.1R3-S5;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S5;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S4;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S3;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S2;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R2-S2, 22.2R3;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S1, 22.3R3;\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R1-S2, 22.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).\n\nOn all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.\n\nTo confirm the memory leak, monitor for \"sheaf:possible leak\" and \"vtep not found\" messages in the logs.\n\nThis issue affects:\n\nJuniper Networks Junos OS QFX5000 Series:\n\n\n\n * All versions prior to 20.4R3-S6;\n * 21.1 versions prior to 21.1R3-S5;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S3;\n * 22.1 versions prior to 22.1R3-S2;\n * 22.2 versions prior to 22.2R2-S2, 22.2R3;\n * 22.3 versions prior to 22.3R2-S1, 22.3R3;\n * 22.4 versions prior to 22.4R1-S2, 22.4R2.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-12T23:03:45.324Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73156"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73156",
"defect": [
"1708370"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44192",
"datePublished": "2023-10-12T23:03:45.324Z",
"dateReserved": "2023-09-26T19:30:27.954Z",
"dateUpdated": "2024-09-18T14:21:02.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44193 (GCVE-0-2023-44193)
Vulnerability from cvelistv5 – Published: 2023-10-12 23:04 – Updated: 2024-09-17 16:10
VLAI
EPSS
Title
Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run
Summary
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS).
On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition.
This issue affects:
Juniper Networks Junos OS on MX Series:
* All versions prior to 20.4R3-S7;
* 21.1 versions prior to 21.1R3-S5;
* 21.2 versions prior to 21.2R3-S4;
* 21.3 versions prior to 21.3R3-S4;
* 21.4 versions prior to 21.4R3-S3;
* 22.1 versions prior to 22.1R3-S1;
* 22.2 versions prior to 22.2R2-S1, 22.2R3;
* 22.3 versions prior to 22.3R1-S2, 22.3R2.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-401 - Improper Release of Memory Before Removing Last Reference
- Denial of Service (DoS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73157 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 20.4R3-S7
(semver)
Affected: 21.1 , < 21.1R3-S5 (semver) Affected: 21.2 , < 21.2R3-S4 (semver) Affected: 21.3 , < 21.3R3-S4 (semver) Affected: 21.4 , < 21.4R3-S3 (semver) Affected: 22.1 , < 22.1R3-S1 (semver) Affected: 22.2 , < 22.2R2-S1, 22.2R3 (semver) Affected: 22.3 , < 22.3R1-S2, 22.3R2 (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73157"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T15:53:55.982862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T16:10:44.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1R3-S5",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S4",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S4",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S3",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S1",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R2-S1, 22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R1-S2, 22.3R2",
"status": "affected",
"version": "22.3",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eFor this issue to occur, following minimal configuration is required.\u003c/p\u003e\u003ccode\u003e[ ldp interface \u0026lt;interface1\u0026gt; ]\u003c/code\u003e\u003cbr\u003e\u003ccode\u003e[ interfaces \u0026lt;interface1\u0026gt; flexible-vlan-tagging ]\u003c/code\u003e\u003cbr\u003e\u003ccode\u003e[ interfaces \u0026lt;interface1\u0026gt; encapsulation vlan-vpls ]\u003c/code\u003e\u003cbr\u003e\u003ccode\u003e[ protocols oam ethernet connectivity-fault-management maintenance-domain \u0026lt;md-name\u0026gt; interface \u0026lt;interface2\u0026gt; ]\u003c/code\u003e\u003cbr\u003e\u003ccode\u003e[ routing-instances \u0026lt;md-name\u0026gt; instance-type vpls ]\u003c/code\u003e\u003cbr\u003e\u003ccode\u003e[ routing-instances \u0026lt;md-name\u0026gt; interface \u0026lt;interface1\u0026gt; ]\u003c/code\u003e\n\n"
}
],
"value": "\nFor this issue to occur, following minimal configuration is required.\n\n[ ldp interface \u003cinterface1\u003e ]\n[ interfaces \u003cinterface1\u003e flexible-vlan-tagging ]\n[ interfaces \u003cinterface1\u003e encapsulation vlan-vpls ]\n[ protocols oam ethernet connectivity-fault-management maintenance-domain \u003cmd-name\u003e interface \u003cinterface2\u003e ]\n[ routing-instances \u003cmd-name\u003e instance-type vpls ]\n[ routing-instances \u003cmd-name\u003e interface \u003cinterface1\u003e ]\n\n"
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS).\u003c/p\u003e\u003cp\u003eOn all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition.\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJuniper Networks Junos OS on MX Series:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S7;\u003c/li\u003e\u003cli\u003e21.1 versions prior to 21.1R3-S5;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S4;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S4;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S3;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S1;\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R2-S1, 22.2R3;\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R1-S2, 22.3R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS).\n\nOn all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition.\n\nThis issue affects:\n\nJuniper Networks Junos OS on MX Series:\n\n\n\n * All versions prior to 20.4R3-S7;\n * 21.1 versions prior to 21.1R3-S5;\n * 21.2 versions prior to 21.2R3-S4;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S3;\n * 22.1 versions prior to 22.1R3-S1;\n * 22.2 versions prior to 22.2R2-S1, 22.2R3;\n * 22.3 versions prior to 22.3R1-S2, 22.3R2.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Improper Release of Memory Before Removing Last Reference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-12T23:04:00.332Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73157"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73157",
"defect": [
"1668419"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis issue can be avoided by disabling CFM MIP functionality.\u003c/p\u003e \u003ctt\u003e[ protocols oam ethernet connectivity-fault-management maintenance-domain mip-half-function none ]\u003c/tt\u003e"
}
],
"value": "This issue can be avoided by disabling CFM MIP functionality.\n\n [ protocols oam ethernet connectivity-fault-management maintenance-domain mip-half-function none ]"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44193",
"datePublished": "2023-10-12T23:04:00.332Z",
"dateReserved": "2023-09-26T19:30:27.955Z",
"dateUpdated": "2024-09-17T16:10:44.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44194 (GCVE-0-2023-44194)
Vulnerability from cvelistv5 – Published: 2023-10-12 23:04 – Updated: 2025-02-27 20:41
VLAI
EPSS
Title
Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges
Summary
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges.
This issue affects Juniper Networks Junos OS:
* All versions prior to 20.4R3-S5;
* 21.1 versions prior to 21.1R3-S4;
* 21.2 versions prior to 21.2R3-S4;
* 21.3 versions prior to 21.3R3-S3;
* 21.4 versions prior to 21.4R3-S1.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73158 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 20.4R3-S5
(semver)
Affected: 21.1 , < 21.1R3-S4 (semver) Affected: 21.2 , < 21.2R3-S4 (semver) Affected: 21.3 , < 21.3R3-S3 (semver) Affected: 21.4 , < 21.4R3-S1 (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73158"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:49:39.172787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:41:40.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1R3-S4",
"status": "affected",
"version": "21.1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S4",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S3",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S1",
"status": "affected",
"version": "21.4",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges.\u003c/p\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S5;\u003c/li\u003e\u003cli\u003e21.1 versions prior to 21.1R3-S4;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S4;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S3;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S1.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
}
],
"value": "\nAn Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges.\n\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions prior to 20.4R3-S5;\n * 21.1 versions prior to 21.1R3-S4;\n * 21.2 versions prior to 21.2R3-S4;\n * 21.3 versions prior to 21.3R3-S3;\n * 21.4 versions prior to 21.4R3-S1.\n\n\n\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-12T23:04:18.124Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73158"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S4, 21.3R3-S3, 21.4R3-S1, 22.1R1, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S4, 21.3R3-S3, 21.4R3-S1, 22.1R1, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73158",
"defect": [
"1514925"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44194",
"datePublished": "2023-10-12T23:04:18.124Z",
"dateReserved": "2023-09-26T19:30:27.955Z",
"dateUpdated": "2025-02-27T20:41:40.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44195 (GCVE-0-2023-44195)
Vulnerability from cvelistv5 – Published: 2023-10-12 23:04 – Updated: 2024-09-17 16:10
VLAI
EPSS
Title
Junos OS Evolved: Packets which are not destined to the router can reach the RE
Summary
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system.
If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access.
CVE-2023-44196 is a prerequisite for this issue.
This issue affects Juniper Networks Junos OS Evolved:
* 21.3-EVO versions prior to 21.3R3-S5-EVO;
* 21.4-EVO versions prior to 21.4R3-S4-EVO;
* 22.1-EVO version 22.1R1-EVO and later;
* 22.2-EVO version 22.2R1-EVO and later;
* 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;
* 22.4-EVO versions prior to 22.4R3-EVO.
This issue doesn't not affected Junos OS Evolved versions prior to 21.3R1-EVO.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA73160 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Unaffected:
0 , < 21.3R1-EVO
(semver)
Affected: 21.3-EVO , < 21.3R3-S5-EVO (semver) Affected: 21.4-EVO , < 21.4R3-S4-EVO (semver) Affected: 22.1R1-EVO , < 22.1*-EVO (semver) Affected: 22.2R1-EVO , < 22.2*-EVO (semver) Affected: 22.3-EVO , < 22.3R2-S2-EVO, 22.3R3-S1-EVO (semver) Affected: 22.4-EVO , < 22.4R3-EVO (semver) |
Date Public
2023-10-11 16:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:51.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA73160"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T15:53:20.306753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T16:10:16.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.3R1-EVO",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5-EVO",
"status": "affected",
"version": "21.3-EVO",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S4-EVO",
"status": "affected",
"version": "21.4-EVO",
"versionType": "semver"
},
{
"lessThan": "22.1*-EVO",
"status": "affected",
"version": "22.1R1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.2*-EVO",
"status": "affected",
"version": "22.2R1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2-EVO, 22.3R3-S1-EVO",
"status": "affected",
"version": "22.3-EVO",
"versionType": "semver"
},
{
"lessThan": "22.4R3-EVO",
"status": "affected",
"version": "22.4-EVO",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eAn Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system.\u003c/p\u003e\u003cp\u003eIf specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access.\u003c/p\u003e\u003cp\u003eCVE-2023-44196 is a prerequisite for this issue.\u003c/p\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e21.3-EVO versions prior to 21.3R3-S5-EVO;\u003c/li\u003e\u003cli\u003e21.4-EVO versions prior to 21.4R3-S4-EVO;\u003c/li\u003e\u003cli\u003e22.1-EVO version 22.1R1-EVO and later;\u003c/li\u003e\u003cli\u003e22.2-EVO version 22.2R1-EVO and later;\u003c/li\u003e\u003cli\u003e22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\u003c/li\u003e\u003cli\u003e22.4-EVO versions prior to 22.4R3-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis issue doesn\u0027t not affected Junos OS Evolved versions prior to 21.3R1-EVO.\u003c/p\u003e\n\n"
}
],
"value": "\nAn Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system.\n\nIf specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access.\n\nCVE-2023-44196 is a prerequisite for this issue.\n\nThis issue affects Juniper Networks Junos OS Evolved:\n\n\n\n * 21.3-EVO versions prior to 21.3R3-S5-EVO;\n * 21.4-EVO versions prior to 21.4R3-S4-EVO;\n * 22.1-EVO version 22.1R1-EVO and later;\n * 22.2-EVO version 22.2R1-EVO and later;\n * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO;\n * 22.4-EVO versions prior to 22.4R3-EVO.\n\n\n\n\nThis issue doesn\u0027t not affected Junos OS Evolved versions prior to 21.3R1-EVO.\n\n\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-12T23:04:32.068Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA73160"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.3R3-S5-EVO, 21.4R3-S4-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.3R3-S5-EVO, 21.4R3-S4-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.2R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA73160",
"defect": [
"1713989"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2023-10-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS Evolved: Packets which are not destined to the router can reach the RE",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-44195",
"datePublished": "2023-10-12T23:04:32.068Z",
"dateReserved": "2023-09-26T19:30:32.349Z",
"dateUpdated": "2024-09-17T16:10:16.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…