CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
40.3%
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73149 advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#TRUSTED 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
#TRUST-RSA-SHA256 47dc426572bc2be75712767af4d0be18846fef02ebb17fbe1da07fc856f781a40422fdaa8c423b531a324382bf5fe0682a83131dd73d651a9cfb3ee8088faa9b6fbd65e1046844d6eca7ef3fd9f3bb5da251db06e3b16fac9c56a00a6f9c35169d3eba0c6e338338baf65b6064fa1b0190901d9aceb64bbdcfa7639f8a8c89b3c3871fd5fe5051f28041487759bd7203f1d46773e68fc324335af7db4af79823d305caba54a3a845ee5573f13825517ebfe8d33379cd2a6523a93753150ca347acf771759996dba9b48b8cc9b1efb76aa8786781cc08ae5de73e93469748d824a154fc0455041be3a69efee7329e17d6ce888a9bc5c7e71ab045803fb34897bd7135d4caf8c59477f4d28280ec2c95823f38b901bf72548f7b0e080e1dc1b4c54b916573a1fe52d0f0939df6e07f396ac3fe1fe4987f33e0c97a5d473a0d8308f082086d5890bda5b4ddd84924507301e89b3335a633f4d7047d61e167c4c77661ebaa8e7f5a1fefc82bcbab438d18d8873f57228ac21ff41e3f416556bb356de9d9c169a7c91b0a0e95959618065bada04ca2d33eac9e623178bb285b93c135aba194c2cfee2828ccd6a5ce1e5e3744f095d3cec9e6d39d0e8ae4a46428c8781ca2c74cd929c8e4d85fb3628ca2263e14051ae9c05b1d9e0f461571e2e30e96683f9052fe9b673865c2ff23d745daf10cce0fd0c9e01a4b02bb2fd66007d302
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
# Registration block. When the engine loads the plugin with `description` set,
# only the script_* metadata calls below run and the block ends at exit(0), so
# none of the version-check logic after it is executed in this mode.
# NOTE(review): this file carries #TRUSTED / #TRUST-RSA-SHA256 header lines;
# a locally edited copy presumably no longer matches that signature - confirm
# before deploying a modified plugin.
if (description)
{
# Plugin identity and revision metadata.
script_id(183505);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/23");
# Cross-references: the CVE, the Juniper advisory (JSA) and the IAVA notice.
script_cve_id("CVE-2023-44182");
script_xref(name:"JSA", value:"JSA73149");
script_xref(name:"IAVA", value:"2023-A-0565");
script_name(english:"Juniper Junos OS Unchecked Return Value (JSA73149)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
# The description text itself states the limitation of this check: the finding
# is derived from the self-reported version number, not from testing the issue.
script_set_attribute(attribute:"description", value:
"The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73149
advisory.
- An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos
OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI
interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of
privileges associated with an operators actions to occur. (CVE-2023-44182)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# Reference links. Each nessus.org/u? value is a short link; the comment line
# above it presumably records the full destination URL - verify if it matters.
script_set_attribute(attribute:"see_also", value:"https://supportportal.juniper.net/JSA73149");
# https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?730fe243");
# https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c6834662");
# https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-Unchecked-Return-Value-in-multiple-users-interfaces-affects-confidentiality-and-integrity-of-device-operations-CVE-2023-44182
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d9a773ff");
script_set_attribute(attribute:"solution", value:
"Apply the relevant Junos software release referenced in Juniper advisory JSA73149");
# CVSS v2 and v3 base and temporal vectors. Au:S / PR:L mean the issue needs an
# authenticated, low-privileged session over the network; E:U records that no
# exploit is known, which agrees with the exploit_available attribute below.
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
# The scores above are attributed to this CVE.
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-44182");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# Disclosure, patch and plugin publication dates.
script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/11");
script_set_attribute(attribute:"patch_publication_date", value:"2023/10/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/20");
script_set_attribute(attribute:"plugin_type", value:"combined");
# Affected platform (CPE) and STIG severity category.
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
# Scheduling metadata: category, family and copyright notice.
script_category(ACT_GATHER_INFO);
script_family(english:"Junos Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
# Declares junos_version.nasl as a dependency and requires the Junos version KB
# key; presumably that dependency is what populates the key - confirm.
script_dependencies("junos_version.nasl");
script_require_keys("Host/Juniper/JUNOS/Version");
# End of description mode: leave before any check logic.
exit(0);
}
include('junos.inc');
include('junos_kb_cmd_func.inc');
# Version-only check for JSA73149 / CVE-2023-44182.
# The Junos version string is read from the KB (presumably stored by the
# junos_version.nasl dependency) and compared with the fixed releases below.
# This block performs no configuration lookup and no active test, so the
# result is only as reliable as the self-reported version: a device reporting
# an inaccurate version can be flagged or missed - confirm against the advisory.
var installed_version = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');

# One entry per release train: versions from 'min_ver' up to, but not
# including, 'fixed_ver' are treated as affected (semantics assumed from the
# key names - verify against junos_compare_range). Entries ending in -EVO
# appear to cover Junos OS Evolved. 'fixed_display', where present, lists more
# than one fixed release; presumably it is the text shown in the report.
var affected_ranges = [
  {'min_ver':'0.0', 'fixed_ver':'20.4R3-S7'},
  {'min_ver':'0.0', 'fixed_ver':'21.4R3-S3-EVO'},
  {'min_ver':'21.1', 'fixed_ver':'21.1R3-S5'},
  {'min_ver':'21.2', 'fixed_ver':'21.2R3-S5'},
  {'min_ver':'21.3', 'fixed_ver':'21.3R3-S4'},
  {'min_ver':'21.4', 'fixed_ver':'21.4R3-S3'},
  {'min_ver':'22.1', 'fixed_ver':'22.1R3-S2'},
  {'min_ver':'22.1-EVO', 'fixed_ver':'22.1R1-EVO'},
  {'min_ver':'22.2', 'fixed_ver':'22.2R2-S2', 'fixed_display':'22.2R2-S2, 22.2R3'},
  {'min_ver':'22.3', 'fixed_ver':'22.3R1-S2', 'fixed_display':'22.3R1-S2, 22.3R2'},
  {'min_ver':'22.3-EVO', 'fixed_ver':'22.3R1-S2-EVO', 'fixed_display':'22.3R1-S2-EVO, 22.3R2-EVO'}
];

# Look the installed version up in the table above.
var fixed_release = junos_compare_range(
  target_version:installed_version,
  vuln_ranges:affected_ranges
);

# Nothing came back from the comparison: audit the host as not vulnerable.
if (empty_or_null(fixed_release))
{
  audit(AUDIT_INST_VER_NOT_VULN, 'Junos OS', installed_version);
}

# Otherwise report the installed version together with the fixed release.
junos_report(ver:installed_version, fix:fixed_release, severity:SECURITY_HOLE);