CVE-2023-44175
Published: Oct 12, 2023
Modified: Sep 19, 2024
CVSS v3.1
6.5
Description
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Junos OS Evolved: * All versions prior to 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R3-EVO; * 23.2-EVO versions prior to 23.2R1-EVO.
| Vendor | Product | Versions |
|---|---|---|
Juniper Networks | Junos OS | affected 0 - < 20.4R3-S7affected 21.1 - < 21.1R3-S4affected 21.2 - < 21.2R3-S5affected 21.3 - < 21.3R3-S4affected 21.4 - < 21.4R3-S4+4 more versions |
Juniper Networks | Junos OS Evolved | affected 0 - < 22.3R3-EVOaffected 22.4-EVO - < 22.4R3-EVOaffected 23.2-EVO - < 23.2R1-EVO |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now