Lucene search
JuniperCVE-2023-28964HistoryApr 17, 2023 - 10:15 p.m.
CVE-2023-28964
2023-04-1722:15:08
CWE-130
juniper
web.nvd.nist.gov
25
juniper networks
junos os
vulnerability
rpd
dos
nvd
cve-2023-28964
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
45.5%
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Upon receipt of a malformed BGP flowspec update, RPD will crash resulting in a Denial of Service. This issue affects Juniper Networks Junos OS: All versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S1, 20.3R2; Juniper Networks Junos OS Evolved: All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO; 20.3 versions prior to 20.3R2-EVO;
Affected configurations
Node
juniperjunosRange<18.1
ORjuniperjunosMatch18.1-
ORjuniperjunosMatch18.1r
ORjuniperjunosMatch18.1r1
ORjuniperjunosMatch18.1r2
ORjuniperjunosMatch18.1r2-s1
ORjuniperjunosMatch18.1r2-s2
ORjuniperjunosMatch18.1r2-s4
ORjuniperjunosMatch18.1r3
ORjuniperjunosMatch18.1r3-s1
ORjuniperjunosMatch18.1r3-s10
ORjuniperjunosMatch18.1r3-s2
ORjuniperjunosMatch18.1r3-s3
ORjuniperjunosMatch18.1r3-s4
ORjuniperjunosMatch18.1r3-s5
ORjuniperjunosMatch18.1r3-s6
ORjuniperjunosMatch18.1r3-s7
ORjuniperjunosMatch18.1r3-s8
ORjuniperjunosMatch18.1r3-s9
ORjuniperjunosMatch18.1r4
ORjuniperjunosMatch18.2-
ORjuniperjunosMatch18.2r
ORjuniperjunosMatch18.2r1
ORjuniperjunosMatch18.2r1-
ORjuniperjunosMatch18.2r1-s2
ORjuniperjunosMatch18.2r1-s3
ORjuniperjunosMatch18.2r1-s4
ORjuniperjunosMatch18.2r1-s5
ORjuniperjunosMatch18.2r2
ORjuniperjunosMatch18.2r2-s1
ORjuniperjunosMatch18.2r2-s2
ORjuniperjunosMatch18.2r2-s3
ORjuniperjunosMatch18.2r2-s4
ORjuniperjunosMatch18.2r2-s5
ORjuniperjunosMatch18.2r2-s6
ORjuniperjunosMatch18.2r2-s7
ORjuniperjunosMatch18.2r2-s8
ORjuniperjunosMatch18.2r3
ORjuniperjunosMatch18.2r3-s1
ORjuniperjunosMatch18.2r3-s2
ORjuniperjunosMatch18.2r3-s3
ORjuniperjunosMatch18.2r3-s4
ORjuniperjunosMatch18.2r3-s5
ORjuniperjunosMatch18.3-
ORjuniperjunosMatch18.3r
ORjuniperjunosMatch18.3r1
ORjuniperjunosMatch18.3r1-s1
ORjuniperjunosMatch18.3r1-s2
ORjuniperjunosMatch18.3r1-s3
ORjuniperjunosMatch18.3r1-s4
ORjuniperjunosMatch18.3r1-s5
ORjuniperjunosMatch18.3r1-s6
ORjuniperjunosMatch18.3r2
ORjuniperjunosMatch18.3r2-s1
ORjuniperjunosMatch18.3r2-s2
ORjuniperjunosMatch18.3r2-s3
ORjuniperjunosMatch18.3r2-s4
ORjuniperjunosMatch18.3r3
ORjuniperjunosMatch18.3r3-s1
ORjuniperjunosMatch18.3r3-s2
ORjuniperjunosMatch18.3r3-s3
ORjuniperjunosMatch18.4-
ORjuniperjunosMatch18.4r1
ORjuniperjunosMatch18.4r1-s1
ORjuniperjunosMatch18.4r1-s2
ORjuniperjunosMatch18.4r1-s3
ORjuniperjunosMatch18.4r1-s4
ORjuniperjunosMatch18.4r1-s5
ORjuniperjunosMatch18.4r1-s6
ORjuniperjunosMatch18.4r1-s7
ORjuniperjunosMatch18.4r2
ORjuniperjunosMatch18.4r2-s1
ORjuniperjunosMatch18.4r2-s10
ORjuniperjunosMatch18.4r2-s2
ORjuniperjunosMatch18.4r2-s3
ORjuniperjunosMatch18.4r2-s4
ORjuniperjunosMatch18.4r2-s5
ORjuniperjunosMatch18.4r2-s6
ORjuniperjunosMatch18.4r2-s7
ORjuniperjunosMatch18.4r2-s8
ORjuniperjunosMatch18.4r2-s9
ORjuniperjunosMatch18.4r3
ORjuniperjunosMatch18.4r3-s1
ORjuniperjunosMatch18.4r3-s10
ORjuniperjunosMatch18.4r3-s11
ORjuniperjunosMatch18.4r3-s2
ORjuniperjunosMatch18.4r3-s3
ORjuniperjunosMatch18.4r3-s4
ORjuniperjunosMatch18.4r3-s5
ORjuniperjunosMatch19.1-
ORjuniperjunosMatch19.1r1
ORjuniperjunosMatch19.1r1-s1
ORjuniperjunosMatch19.1r1-s2
ORjuniperjunosMatch19.1r1-s3
ORjuniperjunosMatch19.1r1-s4
ORjuniperjunosMatch19.1r1-s5
ORjuniperjunosMatch19.1r1-s6
ORjuniperjunosMatch19.1r2
ORjuniperjunosMatch19.1r2-s1
ORjuniperjunosMatch19.1r2-s2
ORjuniperjunosMatch19.1r2-s3
ORjuniperjunosMatch19.1r3
ORjuniperjunosMatch19.1r3-s1
ORjuniperjunosMatch19.1r3-s2
ORjuniperjunosMatch19.1r3-s3
ORjuniperjunosMatch19.2-
ORjuniperjunosMatch19.2r1
ORjuniperjunosMatch19.2r1-s1
ORjuniperjunosMatch19.2r1-s2
ORjuniperjunosMatch19.2r1-s3
ORjuniperjunosMatch19.2r1-s4
ORjuniperjunosMatch19.2r1-s5
ORjuniperjunosMatch19.2r1-s6
ORjuniperjunosMatch19.2r1-s7
ORjuniperjunosMatch19.2r1-s8
ORjuniperjunosMatch19.2r1-s9
ORjuniperjunosMatch19.2r2
ORjuniperjunosMatch19.2r2-s1
ORjuniperjunosMatch19.2r3
ORjuniperjunosMatch19.3-
ORjuniperjunosMatch19.3r1
ORjuniperjunosMatch19.3r1-s1
ORjuniperjunosMatch19.3r2
ORjuniperjunosMatch19.3r2-s1
ORjuniperjunosMatch19.3r2-s2
ORjuniperjunosMatch19.3r2-s3
ORjuniperjunosMatch19.3r2-s4
ORjuniperjunosMatch19.3r2-s5
ORjuniperjunosMatch19.3r2-s6
ORjuniperjunosMatch19.3r2-s7
ORjuniperjunosMatch19.3r3
ORjuniperjunosMatch19.4-
ORjuniperjunosMatch19.4r1
ORjuniperjunosMatch19.4r1-s1
ORjuniperjunosMatch19.4r1-s2
ORjuniperjunosMatch19.4r1-s3
ORjuniperjunosMatch19.4r1-s4
ORjuniperjunosMatch19.4r2
ORjuniperjunosMatch19.4r2-s1
ORjuniperjunosMatch19.4r2-s2
ORjuniperjunosMatch19.4r2-s3
ORjuniperjunosMatch19.4r2-s4
ORjuniperjunosMatch19.4r2-s5
ORjuniperjunosMatch19.4r2-s6
ORjuniperjunosMatch19.4r2-s7
ORjuniperjunosMatch20.1-
ORjuniperjunosMatch20.1r1
ORjuniperjunosMatch20.1r1-s1
ORjuniperjunosMatch20.1r1-s2
ORjuniperjunosMatch20.1r1-s3
ORjuniperjunosMatch20.1r1-s4
ORjuniperjunosMatch20.2-
ORjuniperjunosMatch20.2r1
ORjuniperjunosMatch20.2r1-s1
ORjuniperjunosMatch20.2r1-s2
ORjuniperjunosMatch20.2r1-s3
ORjuniperjunosMatch20.3-
ORjuniperjunosMatch20.3r1
Node
juniperjunos_os_evolvedRange<20.1
ORjuniperjunos_os_evolvedMatch20.1-
ORjuniperjunos_os_evolvedMatch20.1r1
ORjuniperjunos_os_evolvedMatch20.1r1-s1
ORjuniperjunos_os_evolvedMatch20.1r2
ORjuniperjunos_os_evolvedMatch20.1r2-s1
ORjuniperjunos_os_evolvedMatch20.1r2-s2
ORjuniperjunos_os_evolvedMatch20.1r2-s3
ORjuniperjunos_os_evolvedMatch20.1r2-s4
ORjuniperjunos_os_evolvedMatch20.1r2-s5
ORjuniperjunos_os_evolvedMatch20.2-
ORjuniperjunos_os_evolvedMatch20.2r1
ORjuniperjunos_os_evolvedMatch20.2r1-s1
ORjuniperjunos_os_evolvedMatch20.3-
ORjuniperjunos_os_evolvedMatch20.3r1
ORjuniperjunos_os_evolvedMatch20.3r1-s1
ORjuniperjunos_os_evolvedMatch20.3r1-s2
ORjuniperjunos_os_evolvedMatch20.3r1-s3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| juniper | junos | * | cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:* |
| juniper | junos | 18.1 | cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Juniper Networks",
"product": "Junos OS",
"versions": [
{
"version": "unspecified",
"lessThan": "18.1R3-S11",
"status": "affected",
"versionType": "custom"
},
{
"version": "18.2",
"status": "affected",
"lessThan": "18.2R3-S6",
"versionType": "custom"
},
{
"version": "18.3",
"status": "affected",
"lessThan": "18.3R3-S4",
"versionType": "custom"
},
{
"version": "18.4",
"status": "affected",
"lessThan": "18.4R3-S6",
"versionType": "custom"
},
{
"version": "19.1",
"status": "affected",
"lessThan": "19.1R3-S4",
"versionType": "custom"
},
{
"version": "19.2",
"status": "affected",
"lessThan": "19.2R3-S1",
"versionType": "custom"
},
{
"version": "19.3",
"status": "affected",
"lessThan": "19.3R3-S1",
"versionType": "custom"
},
{
"version": "19.4",
"status": "affected",
"lessThan": "19.4R3",
"versionType": "custom"
},
{
"version": "20.1",
"status": "affected",
"lessThan": "20.1R2",
"versionType": "custom"
},
{
"version": "20.2",
"status": "affected",
"lessThan": "20.2R2",
"versionType": "custom"
},
{
"version": "20.3",
"status": "affected",
"lessThan": "20.3R1-S1, 20.3R2",
"versionType": "custom"
}
]
},
{
"vendor": "Juniper Networks",
"product": "Junos OS Evolved",
"versions": [
{
"version": "unspecified",
"lessThan": "20.1R3-EVO",
"status": "affected",
"versionType": "custom"
},
{
"version": "20.2",
"status": "affected",
"lessThan": "20.2R2-EVO",
"versionType": "custom"
},
{
"version": "20.3",
"status": "affected",
"lessThan": "20.3R2-EVO",
"versionType": "custom"
}
]
}
]References
Related
nessus
nessus
Juniper Junos OS Vulnerability (JSA70588)
2023-04-13 00:00:00
prion
prion
Input validation
2023-04-17 22:15:00
nvd
nvd
CVE-2023-28964
2023-04-17 22:15:08
cvelist
cvelist
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
45.5%
Related for CVE-2023-28964