Lucene search
HistoryOct 13, 2023 - 12:15 a.m.
CVE-2023-44177
cve-2023-44177
buffer overflow
juniper networks
junos os
junos os evolved
dos
nvd
security vulnerability
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
- All versions prior to 19.1R3-S10;
- 19.2 versions prior to 19.2R3-S7;
- 19.3 versions prior to 19.3R3-S8;
- 19.4 versions prior to 19.4R3-S12;
- 20.2 versions prior to 20.2R3-S8;
- 20.4 versions prior to 20.4R3-S8;
- 21.2 versions prior to 21.2R3-S6;
- 21.3 versions prior to 21.3R3-S5;
- 21.4 versions prior to 21.4R3-S4;
- 22.1 versions prior to 22.1R3-S3;
- 22.2 versions prior to 22.2R3-S1;
- 22.3 versions prior to 22.3R3;
- 22.4 versions prior to 22.4R2.
Junos OS Evolved:
- All versions prior to 20.4R3-S8-EVO;
- 21.2 versions prior to 21.2R3-S6-EVO;
- 21.3 versions prior to 21.3R3-S5-EVO;
- 21.4 versions prior to 21.4R3-S4-EVO;
- 22.1 versions prior to 22.1R3-S3-EVO;
- 22.2 versions prior to 22.2R3-S1-EVO;
- 22.3 versions prior to 22.3R3-EVO;
- 22.4 versions prior to 22.4R2-EVO.
Affected configurations
Node
juniperjunosRange<20.4
ORjuniperjunosMatch20.4-
ORjuniperjunosMatch20.4r1
ORjuniperjunosMatch20.4r1-s1
ORjuniperjunosMatch20.4r2
ORjuniperjunosMatch20.4r2-s1
ORjuniperjunosMatch20.4r2-s2
ORjuniperjunosMatch20.4r3
ORjuniperjunosMatch20.4r3-s1
ORjuniperjunosMatch20.4r3-s2
ORjuniperjunosMatch20.4r3-s3
ORjuniperjunosMatch20.4r3-s4
ORjuniperjunosMatch20.4r3-s5
ORjuniperjunosMatch20.4r3-s6
ORjuniperjunosMatch20.4r3-s7
ORjuniperjunosMatch21.2-
ORjuniperjunosMatch21.2r1
ORjuniperjunosMatch21.2r1-s1
ORjuniperjunosMatch21.2r1-s2
ORjuniperjunosMatch21.2r2
ORjuniperjunosMatch21.2r2-s1
ORjuniperjunosMatch21.2r2-s2
ORjuniperjunosMatch21.2r3
ORjuniperjunosMatch21.2r3-s1
ORjuniperjunosMatch21.2r3-s2
ORjuniperjunosMatch21.2r3-s3
ORjuniperjunosMatch21.2r3-s4
ORjuniperjunosMatch21.2r3-s5
ORjuniperjunosMatch21.3-
ORjuniperjunosMatch21.3r1
ORjuniperjunosMatch21.3r1-s1
ORjuniperjunosMatch21.3r1-s2
ORjuniperjunosMatch21.3r2
ORjuniperjunosMatch21.3r2-s1
ORjuniperjunosMatch21.3r2-s2
ORjuniperjunosMatch21.3r3
ORjuniperjunosMatch21.3r3-s1
ORjuniperjunosMatch21.3r3-s2
ORjuniperjunosMatch21.3r3-s3
ORjuniperjunosMatch21.3r3-s4
ORjuniperjunosMatch21.4-
ORjuniperjunosMatch21.4r1
ORjuniperjunosMatch21.4r1-s1
ORjuniperjunosMatch21.4r1-s2
ORjuniperjunosMatch21.4r2
ORjuniperjunosMatch21.4r2-s1
ORjuniperjunosMatch21.4r2-s2
ORjuniperjunosMatch21.4r3
ORjuniperjunosMatch21.4r3-s1
ORjuniperjunosMatch21.4r3-s2
ORjuniperjunosMatch21.4r3-s3
ORjuniperjunosMatch22.1r1
ORjuniperjunosMatch22.1r1-s1
ORjuniperjunosMatch22.1r1-s2
ORjuniperjunosMatch22.1r2
ORjuniperjunosMatch22.1r2-s1
ORjuniperjunosMatch22.1r2-s2
ORjuniperjunosMatch22.1r3
ORjuniperjunosMatch22.1r3-s1
ORjuniperjunosMatch22.1r3-s2
ORjuniperjunosMatch22.2r1
ORjuniperjunosMatch22.2r1-s1
ORjuniperjunosMatch22.2r1-s2
ORjuniperjunosMatch22.2r2
ORjuniperjunosMatch22.2r2-s1
ORjuniperjunosMatch22.2r2-s2
ORjuniperjunosMatch22.2r3
ORjuniperjunosMatch22.3r1
ORjuniperjunosMatch22.3r1-s1
ORjuniperjunosMatch22.3r1-s2
ORjuniperjunosMatch22.3r2
ORjuniperjunosMatch22.3r2-s1
ORjuniperjunosMatch22.3r2-s2
ORjuniperjunosMatch22.4r1
ORjuniperjunosMatch22.4r1-s1
ORjuniperjunosMatch22.4r1-s2
Node
juniperjunos_os_evolvedRange<20.4
ORjuniperjunos_os_evolvedMatch20.4-
ORjuniperjunos_os_evolvedMatch20.4r1
ORjuniperjunos_os_evolvedMatch20.4r1-s1
ORjuniperjunos_os_evolvedMatch20.4r1-s2
ORjuniperjunos_os_evolvedMatch20.4r2
ORjuniperjunos_os_evolvedMatch20.4r2-s1
ORjuniperjunos_os_evolvedMatch20.4r2-s2
ORjuniperjunos_os_evolvedMatch20.4r2-s3
ORjuniperjunos_os_evolvedMatch20.4r3
ORjuniperjunos_os_evolvedMatch20.4r3-s1
ORjuniperjunos_os_evolvedMatch20.4r3-s2
ORjuniperjunos_os_evolvedMatch20.4r3-s3
ORjuniperjunos_os_evolvedMatch20.4r3-s4
ORjuniperjunos_os_evolvedMatch20.4r3-s5
ORjuniperjunos_os_evolvedMatch20.4r3-s6
ORjuniperjunos_os_evolvedMatch20.4r3-s7
ORjuniperjunos_os_evolvedMatch21.2-
ORjuniperjunos_os_evolvedMatch21.2r1
ORjuniperjunos_os_evolvedMatch21.2r1-s1
ORjuniperjunos_os_evolvedMatch21.2r1-s2
ORjuniperjunos_os_evolvedMatch21.2r2
ORjuniperjunos_os_evolvedMatch21.2r2-s1
ORjuniperjunos_os_evolvedMatch21.2r2-s2
ORjuniperjunos_os_evolvedMatch21.2r3
ORjuniperjunos_os_evolvedMatch21.2r3-s1
ORjuniperjunos_os_evolvedMatch21.2r3-s2
ORjuniperjunos_os_evolvedMatch21.2r3-s3
ORjuniperjunos_os_evolvedMatch21.2r3-s4
ORjuniperjunos_os_evolvedMatch21.2r3-s5
ORjuniperjunos_os_evolvedMatch21.3-
ORjuniperjunos_os_evolvedMatch21.3r1
ORjuniperjunos_os_evolvedMatch21.3r1-s1
ORjuniperjunos_os_evolvedMatch21.3r2
ORjuniperjunos_os_evolvedMatch21.3r2-s1
ORjuniperjunos_os_evolvedMatch21.3r2-s2
ORjuniperjunos_os_evolvedMatch21.3r3
ORjuniperjunos_os_evolvedMatch21.3r3-s1
ORjuniperjunos_os_evolvedMatch21.3r3-s2
ORjuniperjunos_os_evolvedMatch21.3r3-s3
ORjuniperjunos_os_evolvedMatch21.3r3-s4
ORjuniperjunos_os_evolvedMatch21.4-
ORjuniperjunos_os_evolvedMatch21.4r1
ORjuniperjunos_os_evolvedMatch21.4r1-s1
ORjuniperjunos_os_evolvedMatch21.4r1-s2
ORjuniperjunos_os_evolvedMatch21.4r2
ORjuniperjunos_os_evolvedMatch21.4r2-s1
ORjuniperjunos_os_evolvedMatch21.4r2-s2
ORjuniperjunos_os_evolvedMatch21.4r3
ORjuniperjunos_os_evolvedMatch21.4r3-s1
ORjuniperjunos_os_evolvedMatch21.4r3-s2
ORjuniperjunos_os_evolvedMatch21.4r3-s3
ORjuniperjunos_os_evolvedMatch22.1r1
ORjuniperjunos_os_evolvedMatch22.1r1-s1
ORjuniperjunos_os_evolvedMatch22.1r1-s2
ORjuniperjunos_os_evolvedMatch22.1r2
ORjuniperjunos_os_evolvedMatch22.1r2-s1
ORjuniperjunos_os_evolvedMatch22.1r3
ORjuniperjunos_os_evolvedMatch22.1r3-s1
ORjuniperjunos_os_evolvedMatch22.1r3-s2
ORjuniperjunos_os_evolvedMatch22.2r1
ORjuniperjunos_os_evolvedMatch22.2r1-s1
ORjuniperjunos_os_evolvedMatch22.2r2
ORjuniperjunos_os_evolvedMatch22.2r2-s1
ORjuniperjunos_os_evolvedMatch22.2r2-s2
ORjuniperjunos_os_evolvedMatch22.2r3
ORjuniperjunos_os_evolvedMatch22.3r1
ORjuniperjunos_os_evolvedMatch22.3r1-s1
ORjuniperjunos_os_evolvedMatch22.3r1-s2
ORjuniperjunos_os_evolvedMatch22.3r2
ORjuniperjunos_os_evolvedMatch22.3r2-s1
ORjuniperjunos_os_evolvedMatch22.3r2-s2
ORjuniperjunos_os_evolvedMatch22.4r1
ORjuniperjunos_os_evolvedMatch22.4r1-s1
ORjuniperjunos_os_evolvedMatch22.4r1-s2
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.1R3-S10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "19.2R3-S7",
"status": "affected",
"version": "19.2",
"versionType": "semver"
},
{
"lessThan": "19.3R3-S8",
"status": "affected",
"version": "19.3",
"versionType": "semver"
},
{
"lessThan": "19.4R3-S12",
"status": "affected",
"version": "19.4",
"versionType": "semver"
},
{
"lessThan": "20.2R3-S8",
"status": "affected",
"version": "20.2",
"versionType": "semver"
},
{
"lessThan": "20.4R3-S8",
"status": "affected",
"version": "20.4",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S6",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S4",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S3",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S1",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S6-EVO",
"status": "affected",
"version": "21.2",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S5-EVO",
"status": "affected",
"version": "21.3",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S4-EVO",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.1R3-S3-EVO",
"status": "affected",
"version": "22.1",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S1-EVO",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.3R3-EVO",
"status": "affected",
"version": "22.3",
"versionType": "semver"
},
{
"lessThan": "22.4R2-EVO",
"status": "affected",
"version": "22.4",
"versionType": "semver"
}
]
}
]References
Related
nvd
nvd
CVE-2023-44177
2023-10-13 00:15:11
prion
prion
Stack overflow
2023-10-13 00:15:00
cvelist
cvelist
nessus
nessus
Juniper Junos OS Multiple Vulnerabilities (JSA73140)
2023-10-11 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-44177