CVE-2023-22402
Published Jan 13, 2023
Last updated 2 years ago
Overview
- Description
- A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason. This is a race condition which is outside of an attackers direct control and it depends on system internal timing whether this issue occurs. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO; 22.2 versions prior to 22.2R1-S1-EVO, 22.2R2-EVO.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EC38173-44AB-43D5-8C27-CB43AD5E0B2E"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F26369D-21B2-4C6A-98C1-492692A61283"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24003819-1A6B-4BDF-B3DF-34751C137788"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF8D332E-9133-45B9-BB07-B33C790F737A"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
}
],
"operator": "OR"
}
]
}
]