Lucene search

JuniperCVE-2023-22407

HistoryJan 13, 2023 - 12:15 a.m.

CVE-2023-22407

2023-01-1300:15:11

CWE-459

juniper

web.nvd.nist.gov

juniper networks

junos os

junos os evolved

cve-2023-22407

vulnerability

incomplete cleanup

dos

nvd

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

21.8%

JSON

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Evolved All versions prior to 19.2R3-EVO; 19.3 versions prior to 19.3R3-EVO; 19.4 versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO.

Affected configurations

Nvd

Node

juniperjunosRange<18.4

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s3

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r1-s7

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s10

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch18.4r2-s5

juniperjunosMatch18.4r2-s6

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r1-s5

juniperjunosMatch19.1r1-s6

juniperjunosMatch19.1r2

juniperjunosMatch19.1r2-s1

juniperjunosMatch19.1r2-s2

juniperjunosMatch19.1r2-s3

juniperjunosMatch19.1r3

juniperjunosMatch19.1r3-s1

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.2r1-s5

juniperjunosMatch19.2r1-s6

juniperjunosMatch19.2r1-s7

juniperjunosMatch19.2r1-s8

juniperjunosMatch19.2r1-s9

juniperjunosMatch19.2r2

juniperjunosMatch19.2r2-s1

juniperjunosMatch19.2r3

juniperjunosMatch19.2r3-s1

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

juniperjunosMatch19.3r2

juniperjunosMatch19.3r2-s1

juniperjunosMatch19.3r2-s2

juniperjunosMatch19.3r2-s3

juniperjunosMatch19.3r2-s4

juniperjunosMatch19.3r2-s5

juniperjunosMatch19.3r2-s6

juniperjunosMatch19.4-

juniperjunosMatch19.4r1

juniperjunosMatch19.4r1-s1

juniperjunosMatch19.4r1-s2

juniperjunosMatch19.4r1-s3

juniperjunosMatch19.4r1-s4

juniperjunosMatch19.4r2

juniperjunosMatch19.4r2-s1

juniperjunosMatch19.4r2-s2

juniperjunosMatch19.4r2-s3

juniperjunosMatch19.4r2-s4

juniperjunosMatch19.4r2-s5

juniperjunosMatch19.4r2-s6

juniperjunosMatch19.4r2-s7

juniperjunosMatch20.1-

juniperjunosMatch20.1r1

juniperjunosMatch20.1r1-s1

juniperjunosMatch20.1r1-s2

juniperjunosMatch20.1r1-s3

juniperjunosMatch20.1r1-s4

juniperjunosMatch20.2-

juniperjunosMatch20.2r1

juniperjunosMatch20.2r1-s1

juniperjunosMatch20.2r1-s2

juniperjunosMatch20.2r1-s3

Node

juniperjunos_os_evolvedRange<19.2

juniperjunos_os_evolvedMatch19.2r1

juniperjunos_os_evolvedMatch19.2r2

juniperjunos_os_evolvedMatch19.3r1

juniperjunos_os_evolvedMatch19.3r2

juniperjunos_os_evolvedMatch19.4r1

juniperjunos_os_evolvedMatch19.4r1-s1

juniperjunos_os_evolvedMatch19.4r2

juniperjunos_os_evolvedMatch19.4r2-s1

juniperjunos_os_evolvedMatch19.4r2-s2

juniperjunos_os_evolvedMatch20.1-

juniperjunos_os_evolvedMatch20.1r1

juniperjunos_os_evolvedMatch20.1r1-s1

juniperjunos_os_evolvedMatch20.1r2

juniperjunos_os_evolvedMatch20.1r2-s1

juniperjunos_os_evolvedMatch20.1r2-s2

juniperjunos_os_evolvedMatch20.1r2-s3

juniperjunos_os_evolvedMatch20.1r2-s4

juniperjunos_os_evolvedMatch20.1r2-s5

juniperjunos_os_evolvedMatch20.2-

juniperjunos_os_evolvedMatch20.2r1

juniperjunos_os_evolvedMatch20.2r1-s1

VendorProductVersionCPE
juniperjunos*cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*
juniperjunos18.4cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	*	cpe:2.3:o:juniper:junos::::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:-::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s1::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s2::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s3::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s4::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s5::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s6::::::
juniper	junos	18.4	cpe:2.3:o:juniper:junos:18.4:r1-s7::::::

Rows per page:

1-10 of 1041

CNA Affected

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "18.4R2-S7",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "19.1",
        "status": "affected",
        "lessThan": "19.1R3-S2",
        "versionType": "custom"
      },
      {
        "version": "19.2",
        "status": "affected",
        "lessThan": "19.2R3",
        "versionType": "custom"
      },
      {
        "version": "19.3",
        "status": "affected",
        "lessThan": "19.3R3",
        "versionType": "custom"
      },
      {
        "version": "19.4",
        "status": "affected",
        "lessThan": "19.4R3",
        "versionType": "custom"
      },
      {
        "version": "20.1",
        "status": "affected",
        "lessThan": "20.1R2",
        "versionType": "custom"
      },
      {
        "version": "20.2",
        "status": "affected",
        "lessThan": "20.2R2",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS Evolved",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "19.2R3-EVO",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "19.3",
        "status": "affected",
        "lessThan": "19.3R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "19.4",
        "status": "affected",
        "lessThan": "19.4R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "20.1",
        "status": "affected",
        "lessThan": "20.1R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "20.2",
        "status": "affected",
        "lessThan": "20.2R2-EVO",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA70203

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

21.8%

JSON

Related for CVE-2023-22407