CVE-2023-22411

Published: Jan 13, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: sirt@juniper.net (Secondary)

Description

An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-application filter which will generate an ICMP deny message, the flowd core is observed and the PFE is restarted. This issue affects: Juniper Networks Junos OS on SRX Series: 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2.

Affected (114)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

114 vulnerable · 28 platform

Vulnerable Software	Affected Versions
Juniper Junos	Version 19.2
Juniper Junos	Version 19.2 r1-s1
Juniper Junos	Version 19.2 r1-s2
Juniper Junos	Version 19.2 r1-s3
Juniper Junos	Version 19.2 r1-s4
Juniper Junos	Version 19.2 r1-s5
Juniper Junos	Version 19.2 r1-s6
Juniper Junos	Version 19.2 r1-s7
Juniper Junos	Version 19.2 r1-s8
Juniper Junos	Version 19.2 r1-s9
Juniper Junos	Version 19.2 r1
Juniper Junos	Version 19.2 r2-s1
Juniper Junos	Version 19.2 r2
Juniper Junos	Version 19.2 r3-s1
Juniper Junos	Version 19.2 r3-s2
Juniper Junos	Version 19.2 r3-s3
Juniper Junos	Version 19.2 r3-s4
Juniper Junos	Version 19.2 r3-s5
Juniper Junos	Version 19.2 r3
Juniper Junos	Version 19.3
Juniper Junos	Version 19.3 r1-s1
Juniper Junos	Version 19.3 r1
Juniper Junos	Version 19.3 r2-s1
Juniper Junos	Version 19.3 r2-s2
Juniper Junos	Version 19.3 r2-s3
Juniper Junos	Version 19.3 r2-s4
Juniper Junos	Version 19.3 r2-s5
Juniper Junos	Version 19.3 r2-s6
Juniper Junos	Version 19.3 r2-s7
Juniper Junos	Version 19.3 r2
Juniper Junos	Version 19.3 r3-s1
Juniper Junos	Version 19.3 r3-s2
Juniper Junos	Version 19.3 r3-s3
Juniper Junos	Version 19.3 r3-s4
Juniper Junos	Version 19.3 r3-s5
Juniper Junos	Version 19.3 r3
Juniper Junos	Version 19.4
Juniper Junos	Version 19.4 r1-s1
Juniper Junos	Version 19.4 r1-s2
Juniper Junos	Version 19.4 r1-s3
Juniper Junos	Version 19.4 r1-s4
Juniper Junos	Version 19.4 r1
Juniper Junos	Version 19.4 r2-s1
Juniper Junos	Version 19.4 r2-s2
Juniper Junos	Version 19.4 r2-s3
Juniper Junos	Version 19.4 r2-s4
Juniper Junos	Version 19.4 r2-s5
Juniper Junos	Version 19.4 r2-s6
Juniper Junos	Version 19.4 r2-s7
Juniper Junos	Version 19.4 r2
Juniper Junos	Version 19.4 r3-s10
Juniper Junos	Version 19.4 r3-s1
Juniper Junos	Version 19.4 r3-s2
Juniper Junos	Version 19.4 r3-s3
Juniper Junos	Version 19.4 r3-s4
Juniper Junos	Version 19.4 r3-s5
Juniper Junos	Version 19.4 r3-s6
Juniper Junos	Version 19.4 r3-s7
Juniper Junos	Version 19.4 r3-s8
Juniper Junos	Version 19.4 r3
Juniper Junos	Version 20.2
Juniper Junos	Version 20.2 r1-s1
Juniper Junos	Version 20.2 r1-s2
Juniper Junos	Version 20.2 r1-s3
Juniper Junos	Version 20.2 r1
Juniper Junos	Version 20.2 r2-s1
Juniper Junos	Version 20.2 r2-s2
Juniper Junos	Version 20.2 r2-s3
Juniper Junos	Version 20.2 r2
Juniper Junos	Version 20.2 r3-s1
Juniper Junos	Version 20.2 r3-s2
Juniper Junos	Version 20.2 r3-s3
Juniper Junos	Version 20.2 r3-s4
Juniper Junos	Version 20.2 r3
Juniper Junos	Version 20.3
Juniper Junos	Version 20.3 r1-s1
Juniper Junos	Version 20.3 r1-s2
Juniper Junos	Version 20.3 r1
Juniper Junos	Version 20.3 r2-s1
Juniper Junos	Version 20.3 r2
Juniper Junos	Version 20.3 r3-s1
Juniper Junos	Version 20.3 r3-s2
Juniper Junos	Version 20.3 r3-s3
Juniper Junos	Version 20.3 r3
Juniper Junos	Version 20.4
Juniper Junos	Version 20.4 r1-s1
Juniper Junos	Version 20.4 r1
Juniper Junos	Version 20.4 r2-s1
Juniper Junos	Version 20.4 r2-s2
Juniper Junos	Version 20.4 r2
Juniper Junos	Version 20.4 r3-s1
Juniper Junos	Version 20.4 r3-s2
Juniper Junos	Version 20.4 r3
Juniper Junos	Version 21.1
Juniper Junos	Version 21.1 r1-s1
Juniper Junos	Version 21.1 r1
Juniper Junos	Version 21.1 r2-s1
Juniper Junos	Version 21.1 r2-s2
Juniper Junos	Version 21.1 r2
Juniper Junos	Version 21.2
Juniper Junos	Version 21.2 r1-s1
Juniper Junos	Version 21.2 r1-s2
Juniper Junos	Version 21.2 r1
Juniper Junos	Version 21.2 r2-s1
Juniper Junos	Version 21.2 r2-s2
Juniper Junos	Version 21.2 r2
Juniper Junos	Version 21.3
Juniper Junos	Version 21.3 r1-s1
Juniper Junos	Version 21.3 r1-s2
Juniper Junos	Version 21.3 r1
Juniper Junos	Version 21.4
Juniper Junos	Version 21.4 r1-s1
Juniper Junos	Version 21.4 r1-s2
Juniper Junos	Version 21.4 r1

Running on/with	Platform Versions
Juniper Srx100	All versions
Juniper Srx110	All versions
Juniper Srx1400	All versions
Juniper Srx1500	All versions
Juniper Srx210	All versions
Juniper Srx220	All versions
Juniper Srx240	All versions
Juniper Srx240h2	All versions
Juniper Srx240m	All versions
Juniper Srx300	All versions
Juniper Srx320	All versions
Juniper Srx340	All versions
Juniper Srx3400	All versions
Juniper Srx345	All versions
Juniper Srx3600	All versions
Juniper Srx380	All versions
Juniper Srx4000	All versions
Juniper Srx4100	All versions
Juniper Srx4200	All versions
Juniper Srx4600	All versions
Juniper Srx5000	All versions
Juniper Srx5400	All versions
Juniper Srx550	All versions
Juniper Srx550 Hm	All versions
Juniper Srx550m	All versions
Juniper Srx5600	All versions
Juniper Srx5800	All versions
Juniper Srx650	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://kb.juniper.net/JSA70207

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/JSA70207

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.