Lucene search

JuniperVULNRICHMENT:CVE-2023-44176

HistoryOct 12, 2023 - 11:00 p.m.

CVE-2023-44176 Junos OS : Stack overflow vulnerability in CLI command processing

2023-10-1223:00:51

CWE-787

CWE-121

juniper

github.com

cve-2023-44176

junos os

stack overflow

vulnerability

cli command

denial of service

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.

Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.

This issue affects Juniper Networks:

Junos OS:

All versions prior to 20.4R3-S8;
21.2 versions prior to 21.2R3-S6;
21.3 versions prior to 21.3R3-S5;
22.1 versions prior to 22.1R3-S3;
22.3 versions prior to 22.3R3;
22.4 versions prior to 22.4R3.

References

supportportal.juniper.net/JSA73140

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-44176