Lucene search

K
cve[email protected]CVE-2023-44178
HistoryOct 13, 2023 - 12:15 a.m.

CVE-2023-44178

2023-10-1300:15:11
CWE-787
CWE-121
web.nvd.nist.gov
18
cve-2023-44178
juniper networks
junos os
buffer overflow
cli command
security vulnerability
denial of service
nvd
cve

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.9%

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.

Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.

This issue affects Juniper Networks:

Junos OS

  • All versions prior to 19.1R3-S10;
  • 19.2 versions prior to 19.2R3-S7;
  • 19.3 versions prior to 19.3R3-S8;
  • 19.4 versions prior to 19.4R3-S12;
  • 20.2 versions prior to 20.2R3-S8;
  • 20.4 versions prior to 20.4R3-S8;
  • 21.2 versions prior to 21.2R3-S6;
  • 21.3 versions prior to 21.3R3-S5;
  • 21.4 versions prior to 21.4R3-S5;
  • 22.1 versions prior to 22.1R3-S3;
  • 22.2 versions prior to 22.2R3-S2;
  • 22.3 versions prior to 22.3R3-S1;
  • 22.4 versions prior to 22.4R2-S1;
  • 23.2 versions prior to 23.2R2.

Affected configurations

NVD
Node
juniperjunosRange<20.4
OR
juniperjunosMatch20.4-
OR
juniperjunosMatch20.4r1
OR
juniperjunosMatch20.4r1-s1
OR
juniperjunosMatch20.4r2
OR
juniperjunosMatch20.4r2-s1
OR
juniperjunosMatch20.4r2-s2
OR
juniperjunosMatch20.4r3
OR
juniperjunosMatch20.4r3-s1
OR
juniperjunosMatch20.4r3-s2
OR
juniperjunosMatch20.4r3-s3
OR
juniperjunosMatch20.4r3-s4
OR
juniperjunosMatch20.4r3-s5
OR
juniperjunosMatch20.4r3-s6
OR
juniperjunosMatch20.4r3-s7
OR
juniperjunosMatch21.2-
OR
juniperjunosMatch21.2r1
OR
juniperjunosMatch21.2r1-s1
OR
juniperjunosMatch21.2r1-s2
OR
juniperjunosMatch21.2r2
OR
juniperjunosMatch21.2r2-s1
OR
juniperjunosMatch21.2r2-s2
OR
juniperjunosMatch21.2r3
OR
juniperjunosMatch21.2r3-s1
OR
juniperjunosMatch21.2r3-s2
OR
juniperjunosMatch21.2r3-s3
OR
juniperjunosMatch21.2r3-s4
OR
juniperjunosMatch21.2r3-s5
OR
juniperjunosMatch21.3-
OR
juniperjunosMatch21.3r1
OR
juniperjunosMatch21.3r1-s1
OR
juniperjunosMatch21.3r1-s2
OR
juniperjunosMatch21.3r2
OR
juniperjunosMatch21.3r2-s1
OR
juniperjunosMatch21.3r2-s2
OR
juniperjunosMatch21.3r3
OR
juniperjunosMatch21.3r3-s1
OR
juniperjunosMatch21.3r3-s2
OR
juniperjunosMatch21.3r3-s3
OR
juniperjunosMatch21.3r3-s4
OR
juniperjunosMatch21.4-
OR
juniperjunosMatch21.4r1
OR
juniperjunosMatch21.4r1-s1
OR
juniperjunosMatch21.4r1-s2
OR
juniperjunosMatch21.4r2
OR
juniperjunosMatch21.4r2-s1
OR
juniperjunosMatch21.4r2-s2
OR
juniperjunosMatch21.4r3
OR
juniperjunosMatch21.4r3-s1
OR
juniperjunosMatch21.4r3-s2
OR
juniperjunosMatch21.4r3-s3
OR
juniperjunosMatch22.1r1
OR
juniperjunosMatch22.1r1-s1
OR
juniperjunosMatch22.1r1-s2
OR
juniperjunosMatch22.1r2
OR
juniperjunosMatch22.1r2-s1
OR
juniperjunosMatch22.1r2-s2
OR
juniperjunosMatch22.1r3
OR
juniperjunosMatch22.1r3-s1
OR
juniperjunosMatch22.1r3-s2
OR
juniperjunosMatch22.2r1
OR
juniperjunosMatch22.2r1-s1
OR
juniperjunosMatch22.2r1-s2
OR
juniperjunosMatch22.2r2
OR
juniperjunosMatch22.2r2-s1
OR
juniperjunosMatch22.2r2-s2
OR
juniperjunosMatch22.2r3
OR
juniperjunosMatch22.3r1
OR
juniperjunosMatch22.3r1-s1
OR
juniperjunosMatch22.3r1-s2
OR
juniperjunosMatch22.3r2
OR
juniperjunosMatch22.3r2-s1
OR
juniperjunosMatch22.3r2-s2
OR
juniperjunosMatch22.4r1
OR
juniperjunosMatch22.4r1-s1
OR
juniperjunosMatch22.4r1-s2
Node
juniperjunos_os_evolvedRange<20.4
OR
juniperjunos_os_evolvedMatch20.4-
OR
juniperjunos_os_evolvedMatch20.4r1
OR
juniperjunos_os_evolvedMatch20.4r1-s1
OR
juniperjunos_os_evolvedMatch20.4r1-s2
OR
juniperjunos_os_evolvedMatch20.4r2
OR
juniperjunos_os_evolvedMatch20.4r2-s1
OR
juniperjunos_os_evolvedMatch20.4r2-s2
OR
juniperjunos_os_evolvedMatch20.4r2-s3
OR
juniperjunos_os_evolvedMatch20.4r3
OR
juniperjunos_os_evolvedMatch20.4r3-s1
OR
juniperjunos_os_evolvedMatch20.4r3-s2
OR
juniperjunos_os_evolvedMatch20.4r3-s3
OR
juniperjunos_os_evolvedMatch20.4r3-s4
OR
juniperjunos_os_evolvedMatch20.4r3-s5
OR
juniperjunos_os_evolvedMatch20.4r3-s6
OR
juniperjunos_os_evolvedMatch20.4r3-s7
OR
juniperjunos_os_evolvedMatch21.2-
OR
juniperjunos_os_evolvedMatch21.2r1
OR
juniperjunos_os_evolvedMatch21.2r1-s1
OR
juniperjunos_os_evolvedMatch21.2r1-s2
OR
juniperjunos_os_evolvedMatch21.2r2
OR
juniperjunos_os_evolvedMatch21.2r2-s1
OR
juniperjunos_os_evolvedMatch21.2r2-s2
OR
juniperjunos_os_evolvedMatch21.2r3
OR
juniperjunos_os_evolvedMatch21.2r3-s1
OR
juniperjunos_os_evolvedMatch21.2r3-s2
OR
juniperjunos_os_evolvedMatch21.2r3-s3
OR
juniperjunos_os_evolvedMatch21.2r3-s4
OR
juniperjunos_os_evolvedMatch21.2r3-s5
OR
juniperjunos_os_evolvedMatch21.3-
OR
juniperjunos_os_evolvedMatch21.3r1
OR
juniperjunos_os_evolvedMatch21.3r1-s1
OR
juniperjunos_os_evolvedMatch21.3r2
OR
juniperjunos_os_evolvedMatch21.3r2-s1
OR
juniperjunos_os_evolvedMatch21.3r2-s2
OR
juniperjunos_os_evolvedMatch21.3r3
OR
juniperjunos_os_evolvedMatch21.3r3-s1
OR
juniperjunos_os_evolvedMatch21.3r3-s2
OR
juniperjunos_os_evolvedMatch21.3r3-s3
OR
juniperjunos_os_evolvedMatch21.3r3-s4
OR
juniperjunos_os_evolvedMatch21.4-
OR
juniperjunos_os_evolvedMatch21.4r1
OR
juniperjunos_os_evolvedMatch21.4r1-s1
OR
juniperjunos_os_evolvedMatch21.4r1-s2
OR
juniperjunos_os_evolvedMatch21.4r2
OR
juniperjunos_os_evolvedMatch21.4r2-s1
OR
juniperjunos_os_evolvedMatch21.4r2-s2
OR
juniperjunos_os_evolvedMatch21.4r3
OR
juniperjunos_os_evolvedMatch21.4r3-s1
OR
juniperjunos_os_evolvedMatch21.4r3-s2
OR
juniperjunos_os_evolvedMatch21.4r3-s3
OR
juniperjunos_os_evolvedMatch22.1r1
OR
juniperjunos_os_evolvedMatch22.1r1-s1
OR
juniperjunos_os_evolvedMatch22.1r1-s2
OR
juniperjunos_os_evolvedMatch22.1r2
OR
juniperjunos_os_evolvedMatch22.1r2-s1
OR
juniperjunos_os_evolvedMatch22.1r3
OR
juniperjunos_os_evolvedMatch22.1r3-s1
OR
juniperjunos_os_evolvedMatch22.1r3-s2
OR
juniperjunos_os_evolvedMatch22.2r1
OR
juniperjunos_os_evolvedMatch22.2r1-s1
OR
juniperjunos_os_evolvedMatch22.2r2
OR
juniperjunos_os_evolvedMatch22.2r2-s1
OR
juniperjunos_os_evolvedMatch22.2r2-s2
OR
juniperjunos_os_evolvedMatch22.2r3
OR
juniperjunos_os_evolvedMatch22.3r1
OR
juniperjunos_os_evolvedMatch22.3r1-s1
OR
juniperjunos_os_evolvedMatch22.3r1-s2
OR
juniperjunos_os_evolvedMatch22.3r2
OR
juniperjunos_os_evolvedMatch22.3r2-s1
OR
juniperjunos_os_evolvedMatch22.3r2-s2
OR
juniperjunos_os_evolvedMatch22.4r1
OR
juniperjunos_os_evolvedMatch22.4r1-s1
OR
juniperjunos_os_evolvedMatch22.4r1-s2

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "19.1R3-S10",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "19.2R3-S7",
        "status": "affected",
        "version": "19.2",
        "versionType": "semver"
      },
      {
        "lessThan": "19.3R3-S8",
        "status": "affected",
        "version": "19.3",
        "versionType": "semver"
      },
      {
        "lessThan": "19.4R3-S12",
        "status": "affected",
        "version": "19.4",
        "versionType": "semver"
      },
      {
        "lessThan": "20.2R3-S8",
        "status": "affected",
        "version": "20.2",
        "versionType": "semver"
      },
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "20.4",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S6",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S2",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S1",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S1",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      }
    ]
  }
]

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.9%

Related for CVE-2023-44178