Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJuniperCVELIST:CVE-2023-28959
HistoryApr 17, 2023 - 12:00 a.m.

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

2023-04-1700:00:00
CWE-703
juniper
www.cve.org
2
juniper networks junos
qfx10002
vulnerability
packet processing
denial of service

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by sending a specific malformed packet to the device. Transit traffic does not trigger this issue. An indication of this issue occurring can be seen through the following log messages: fpc0 expr_hostbound_packet_handler: Receive pe 73? fpc0 Cmerror Op Set: PE Chip: PE0[0]: PGQ:misc_intr: 0x00000020: Enqueue of a packet with out-of-range VOQ in 192K-VOQ mode (URI: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL) The logs list below can also be observed when this issue occurs fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107), scope: pfe, category: functional, severity: major, module: PE Chip, type: Description for PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107) in module: PE Chip with scope: pfe category: functional level: major fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a), scope: pfe, category: functional, severity: fatal, module: PE Chip, type: Description for PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal fpc0 Performing action disable-pfe for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal This issue affects Juniper Networks Junos OS on QFX10002: All versions prior to 19.1R3-S10; 19.4 versions prior to 19.4R3-S11; 20.2 versions prior to 20.2R3-S7; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2.

CNA Affected

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "19.1R3-S10",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "19.4",
        "status": "affected",
        "lessThan": "19.4R3-S11",
        "versionType": "custom"
      },
      {
        "version": "20.2",
        "status": "affected",
        "lessThan": "20.2R3-S7",
        "versionType": "custom"
      },
      {
        "version": "20.4",
        "status": "affected",
        "lessThan": "20.4R3-S6",
        "versionType": "custom"
      },
      {
        "version": "21.1",
        "status": "affected",
        "lessThan": "21.1R3-S4",
        "versionType": "custom"
      },
      {
        "version": "21.2",
        "status": "affected",
        "lessThan": "21.2R3-S4",
        "versionType": "custom"
      },
      {
        "version": "21.3",
        "status": "affected",
        "lessThan": "21.3R3-S3",
        "versionType": "custom"
      },
      {
        "version": "21.4",
        "status": "affected",
        "lessThan": "21.4R3-S2",
        "versionType": "custom"
      },
      {
        "version": "22.1",
        "status": "affected",
        "lessThan": "22.1R3-S1",
        "versionType": "custom"
      },
      {
        "version": "22.2",
        "status": "affected",
        "lessThan": "22.2R2-S1, 22.2R3",
        "versionType": "custom"
      },
      {
        "version": "22.3",
        "status": "affected",
        "lessThan": "22.3R1-S2, 22.3R2",
        "versionType": "custom"
      }
    ],
    "platforms": [
      "QFX10002"
    ]
  }
]

Related

nessus 1
cve 1
prion 1
nvd 1
ibm 1
nessus
nessus
Juniper Junos OS Vulnerability (JSA70584)
2023-04-25 00:00:00
cve
cve
CVE-2023-28959
2023-04-17 22:15:08
prion
prion
Design/Logic Flaw
2023-04-17 22:15:00
nvd
nvd
CVE-2023-28959
2023-04-17 22:15:08
ibm
ibm
Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data
2023-07-05 18:31:10

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON
Related for CVELIST:CVE-2023-28959
nessus1cve1prion1nvd1ibm1