CVE-2023-22401
Published Jan 13, 2023
Last updated 2 years ago
Overview
- Description
- An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is queried this will cause a PFE crash and the FPC will go offline and not automatically recover. A system restart is required to get the affected FPC in an operational state again. This issue affects: Juniper Networks Junos OS 22.1 version 22.1R2 and later versions; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2. Juniper Networks Junos OS Evolved 21.3-EVO version 21.3R3-EVO and later versions; 21.4-EVO version 21.4R1-S2-EVO, 21.4R2-EVO and later versions prior to 21.4R2-S1-EVO; 22.1-EVO version 22.1R2-EVO and later versions prior to 22.1R3-EVO; 22.2-EVO versions prior to 22.2R1-S1-EVO, 22.2R2-EVO.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E2A4377-D044-4E43-B6CC-B753D7F6ABD4"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
}
],
"operator": "OR"
}
]
}
]