ByteOS Network

CVE Vulnerability Details :

CVE-2023-28964

PUBLISHED

More Info Official Page

Assigner-juniper

Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968

Published At-17 Apr, 2023 | 00:00

Updated At-06 Feb, 2025 | 14:39

▼CVE Numbering Authority (CNA)

Junos OS and Junos OS Evolved: Malformed BGP flowspec update causes RPD crash

An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Upon receipt of a malformed BGP flowspec update, RPD will crash resulting in a Denial of Service. This issue affects Juniper Networks Junos OS: All versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S1, 20.3R2; Juniper Networks Junos OS Evolved: All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO; 20.3 versions prior to 20.3R2-EVO;

Affected Products

Vendor

Juniper Networks, Inc.

Product

Junos OS

Versions

Affected

From unspecified before 18.1R3-S11 (custom)
From 18.2 before 18.2R3-S6 (custom)
From 18.3 before 18.3R3-S4 (custom)
From 18.4 before 18.4R3-S6 (custom)
From 19.1 before 19.1R3-S4 (custom)
From 19.2 before 19.2R3-S1 (custom)
From 19.3 before 19.3R3-S1 (custom)
From 19.4 before 19.4R3 (custom)
From 20.1 before 20.1R2 (custom)
From 20.2 before 20.2R2 (custom)
From 20.3 before 20.3R1-S1, 20.3R2 (custom)

Vendor

Juniper Networks, Inc.

Product

Junos OS Evolved

Versions

Affected

From unspecified before 20.1R3-EVO (custom)
From 20.2 before 20.2R2-EVO (custom)
From 20.3 before 20.3R2-EVO (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-130	CWE-130 Improper Handling of Length Parameter Inconsistency

Type: CWE

CWE ID: CWE-130

Description: CWE-130 Improper Handling of Length Parameter Inconsistency

Metrics

Version	Base score	Base severity	Vector
3.1	7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Version: 3.1

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Solutions

The following software releases have been updated to resolve this specific issue: Junos OS: 18.1R3-S11, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.3R3-S1, 19.4R3, 20.1R2, 20.2R2, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases. Junos OS Evolved: 20.1R3-EVO, 20.2R2-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases.

Workarounds

There are no known workarounds for this issue.

Exploits

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

References

Hyperlink	Resource
https://supportportal.juniper.net/JSA70588	N/A

Hyperlink: https://supportportal.juniper.net/JSA70588

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://supportportal.juniper.net/JSA70588	x_transferred

Hyperlink: https://supportportal.juniper.net/JSA70588

Resource:

x_transferred

2. CISA ADP Vulnrichment

Affected Products

Affected

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References