Lucene search

[email protected]NVD:CVE-2023-28983

HistoryApr 17, 2023 - 10:15 p.m.

CVE-2023-28983

2023-04-1722:15:09

CWE-78

[email protected]

web.nvd.nist.gov

os command injection

gnoi server

juniper networks junos os evolved

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

49.2%

JSON

An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EVO.

Affected configurations

Nvd

Node

juniperjunos_os_evolvedMatch21.4-

juniperjunos_os_evolvedMatch21.4r1

juniperjunos_os_evolvedMatch21.4r1-s1

juniperjunos_os_evolvedMatch21.4r1-s2

juniperjunos_os_evolvedMatch21.4r2

juniperjunos_os_evolvedMatch21.4r2-s1

juniperjunos_os_evolvedMatch21.4r2-s2

juniperjunos_os_evolvedMatch21.4r3

juniperjunos_os_evolvedMatch21.4r3-s1

juniperjunos_os_evolvedMatch21.4r3-s2

juniperjunos_os_evolvedMatch21.4r3-s3

VendorProductVersionCPE
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*
juniperjunos_os_evolved21.4cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:-::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1::::::
juniper	junos_os_evolved	21.4	cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2::::::

Rows per page:

1-10 of 111

References

supportportal.juniper.net/JSA70609

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

49.2%

JSON

Related for NVD:CVE-2023-28983

cve1 prion1 cvelist1