Lucene search
HistoryOct 12, 2023 - 11:15 p.m.
CVE-2023-36839
cve-2023-36839
juniper networks
junos os
junos os evolved
security vulnerability
input validation
layer-2 control protocols
dos
nvd
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.9%
An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service(DoS).
This issue occurs when specific LLDP packets are received and telemetry polling is being done on the device. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected.
This issue affects:
Juniper Networks Junos OS
- All versions prior to 20.4R3-S8;
- 21.1 version 21.1R1 and later versions;
- 21.2 versions prior to 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S3;
- 22.1 versions prior to 22.1R3-S2;
- 22.2 versions prior to 22.2R3;
- 22.3 versions prior to 22.3R2-S2;
- 22.4 versions prior to 22.4R2;
Juniper Networks Junos OS Evolved
- All versions prior to 20.4R3-S8-EVO;
- 21.1 version 21.1R1-EVO and later versions;
- 21.2 versions prior to 21.2R3-S5-EVO;
- 21.3 versions prior to 21.3R3-S4-EVO;
- 21.4 versions prior to 21.4R3-S3-EVO;
- 22.1 versions prior to 22.1R3-S2-EVO;
- 22.2 versions prior to 22.2R3-EVO;
- 22.3 versions prior to 22.3R2-S2-EVO;
- 22.4 versions prior to 22.4R1-S1-EVO;
Affected configurations
Node
juniperjunosRange<20.4
ORjuniperjunosMatch20.4-
ORjuniperjunosMatch20.4r1
ORjuniperjunosMatch20.4r1-s1
ORjuniperjunosMatch20.4r2
ORjuniperjunosMatch20.4r2-s1
ORjuniperjunosMatch20.4r2-s2
ORjuniperjunosMatch20.4r3
ORjuniperjunosMatch20.4r3-s1
ORjuniperjunosMatch20.4r3-s2
ORjuniperjunosMatch20.4r3-s3
ORjuniperjunosMatch20.4r3-s4
ORjuniperjunosMatch20.4r3-s5
ORjuniperjunosMatch20.4r3-s6
ORjuniperjunosMatch20.4r3-s7
ORjuniperjunosMatch21.1r1
ORjuniperjunosMatch21.1r1-s1
ORjuniperjunosMatch21.1r2
ORjuniperjunosMatch21.1r2-s1
ORjuniperjunosMatch21.1r2-s2
ORjuniperjunosMatch21.1r3
ORjuniperjunosMatch21.1r3-s1
ORjuniperjunosMatch21.1r3-s2
ORjuniperjunosMatch21.1r3-s3
ORjuniperjunosMatch21.1r3-s4
ORjuniperjunosMatch21.1r3-s5
ORjuniperjunosMatch21.2-
ORjuniperjunosMatch21.2r1
ORjuniperjunosMatch21.2r1-s1
ORjuniperjunosMatch21.2r1-s2
ORjuniperjunosMatch21.2r2
ORjuniperjunosMatch21.2r2-s1
ORjuniperjunosMatch21.2r2-s2
ORjuniperjunosMatch21.2r3
ORjuniperjunosMatch21.2r3-s1
ORjuniperjunosMatch21.2r3-s2
ORjuniperjunosMatch21.2r3-s3
ORjuniperjunosMatch21.2r3-s4
ORjuniperjunosMatch21.3-
ORjuniperjunosMatch21.3r1
ORjuniperjunosMatch21.3r1-s1
ORjuniperjunosMatch21.3r1-s2
ORjuniperjunosMatch21.3r2
ORjuniperjunosMatch21.3r2-s1
ORjuniperjunosMatch21.3r2-s2
ORjuniperjunosMatch21.3r3
ORjuniperjunosMatch21.3r3-s1
ORjuniperjunosMatch21.3r3-s2
ORjuniperjunosMatch21.3r3-s3
ORjuniperjunosMatch21.4-
ORjuniperjunosMatch21.4r1
ORjuniperjunosMatch21.4r1-s1
ORjuniperjunosMatch21.4r1-s2
ORjuniperjunosMatch21.4r2
ORjuniperjunosMatch21.4r2-s1
ORjuniperjunosMatch21.4r2-s2
ORjuniperjunosMatch21.4r3
ORjuniperjunosMatch21.4r3-s1
ORjuniperjunosMatch21.4r3-s2
ORjuniperjunosMatch22.1r1
ORjuniperjunosMatch22.1r1-s1
ORjuniperjunosMatch22.1r1-s2
ORjuniperjunosMatch22.1r2
ORjuniperjunosMatch22.1r2-s1
ORjuniperjunosMatch22.1r2-s2
ORjuniperjunosMatch22.1r3
ORjuniperjunosMatch22.1r3-s1
ORjuniperjunosMatch22.2r1
ORjuniperjunosMatch22.2r1-s1
ORjuniperjunosMatch22.2r1-s2
ORjuniperjunosMatch22.2r2
ORjuniperjunosMatch22.2r2-s1
ORjuniperjunosMatch22.2r2-s2
ORjuniperjunosMatch22.3r1
ORjuniperjunosMatch22.3r1-s1
ORjuniperjunosMatch22.3r1-s2
ORjuniperjunosMatch22.3r2
ORjuniperjunosMatch22.3r2-s1
ORjuniperjunosMatch22.4r1
ORjuniperjunosMatch22.4r1-s1
ORjuniperjunosMatch22.4r1-s2
Node
juniperjunos_os_evolvedRange<20.4
ORjuniperjunos_os_evolvedMatch20.4-
ORjuniperjunos_os_evolvedMatch20.4r1
ORjuniperjunos_os_evolvedMatch20.4r1-s1
ORjuniperjunos_os_evolvedMatch20.4r1-s2
ORjuniperjunos_os_evolvedMatch20.4r2
ORjuniperjunos_os_evolvedMatch20.4r2-s1
ORjuniperjunos_os_evolvedMatch20.4r2-s2
ORjuniperjunos_os_evolvedMatch20.4r2-s3
ORjuniperjunos_os_evolvedMatch20.4r3
ORjuniperjunos_os_evolvedMatch20.4r3-s1
ORjuniperjunos_os_evolvedMatch20.4r3-s2
ORjuniperjunos_os_evolvedMatch20.4r3-s3
ORjuniperjunos_os_evolvedMatch20.4r3-s4
ORjuniperjunos_os_evolvedMatch20.4r3-s5
ORjuniperjunos_os_evolvedMatch20.4r3-s6
ORjuniperjunos_os_evolvedMatch20.4r3-s7
ORjuniperjunos_os_evolvedMatch21.1r1
ORjuniperjunos_os_evolvedMatch21.1r1-s1
ORjuniperjunos_os_evolvedMatch21.1r2
ORjuniperjunos_os_evolvedMatch21.1r3
ORjuniperjunos_os_evolvedMatch21.1r3-s1
ORjuniperjunos_os_evolvedMatch21.1r3-s2
ORjuniperjunos_os_evolvedMatch21.1r3-s3
ORjuniperjunos_os_evolvedMatch21.2-
ORjuniperjunos_os_evolvedMatch21.2r1
ORjuniperjunos_os_evolvedMatch21.2r1-s1
ORjuniperjunos_os_evolvedMatch21.2r1-s2
ORjuniperjunos_os_evolvedMatch21.2r2
ORjuniperjunos_os_evolvedMatch21.2r2-s1
ORjuniperjunos_os_evolvedMatch21.2r2-s2
ORjuniperjunos_os_evolvedMatch21.2r3
ORjuniperjunos_os_evolvedMatch21.2r3-s1
ORjuniperjunos_os_evolvedMatch21.2r3-s2
ORjuniperjunos_os_evolvedMatch21.2r3-s3
ORjuniperjunos_os_evolvedMatch21.2r3-s4
ORjuniperjunos_os_evolvedMatch21.3-
ORjuniperjunos_os_evolvedMatch21.3r1
ORjuniperjunos_os_evolvedMatch21.3r1-s1
ORjuniperjunos_os_evolvedMatch21.3r2
ORjuniperjunos_os_evolvedMatch21.3r2-s1
ORjuniperjunos_os_evolvedMatch21.3r2-s2
ORjuniperjunos_os_evolvedMatch21.3r3
ORjuniperjunos_os_evolvedMatch21.3r3-s1
ORjuniperjunos_os_evolvedMatch21.3r3-s2
ORjuniperjunos_os_evolvedMatch21.3r3-s3
ORjuniperjunos_os_evolvedMatch21.4-
ORjuniperjunos_os_evolvedMatch21.4r1
ORjuniperjunos_os_evolvedMatch21.4r1-s1
ORjuniperjunos_os_evolvedMatch21.4r1-s2
ORjuniperjunos_os_evolvedMatch21.4r2
ORjuniperjunos_os_evolvedMatch21.4r2-s1
ORjuniperjunos_os_evolvedMatch21.4r2-s2
ORjuniperjunos_os_evolvedMatch21.4r3
ORjuniperjunos_os_evolvedMatch21.4r3-s1
ORjuniperjunos_os_evolvedMatch21.4r3-s2
ORjuniperjunos_os_evolvedMatch22.1r1
ORjuniperjunos_os_evolvedMatch22.1r1-s1
ORjuniperjunos_os_evolvedMatch22.1r1-s2
ORjuniperjunos_os_evolvedMatch22.1r2
ORjuniperjunos_os_evolvedMatch22.1r2-s1
ORjuniperjunos_os_evolvedMatch22.1r3
ORjuniperjunos_os_evolvedMatch22.1r3-s1
ORjuniperjunos_os_evolvedMatch22.2r1
ORjuniperjunos_os_evolvedMatch22.2r1-s1
ORjuniperjunos_os_evolvedMatch22.2r2
ORjuniperjunos_os_evolvedMatch22.2r2-s1
ORjuniperjunos_os_evolvedMatch22.2r2-s2
ORjuniperjunos_os_evolvedMatch22.3r1
ORjuniperjunos_os_evolvedMatch22.3r1-s1
ORjuniperjunos_os_evolvedMatch22.3r1-s2
ORjuniperjunos_os_evolvedMatch22.3r2
ORjuniperjunos_os_evolvedMatch22.3r2-s1
ORjuniperjunos_os_evolvedMatch22.4r1
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1*",
"status": "affected",
"version": "21.1R1",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S5",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S4",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S3",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S2",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2, 22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.1*-EVO",
"status": "affected",
"version": "21.1R1-EVO",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S5-EVO",
"status": "affected",
"version": "21.2-EVO",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S4-EVO",
"status": "affected",
"version": "21.3-EVO",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S3-EVO",
"status": "affected",
"version": "21.4-EVO",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S2-EVO",
"status": "affected",
"version": "22.1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.2R3-EVO",
"status": "affected",
"version": "22.2-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R2-S2-EVO, 22.3R3-EVO",
"status": "affected",
"version": "22.3-EVO",
"versionType": "semver"
},
{
"lessThan": "22.4R1-S1-EVO, 22.4R2-EVO",
"status": "affected",
"version": "22.4-EVO",
"versionType": "semver"
}
]
}
]References
Related
cvelist
cvelist
nvd
nvd
CVE-2023-36839
2023-10-12 23:15:10
prion
prion
Input validation
2023-10-12 23:15:00
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.9%
Related for CVE-2023-36839