JuniperCVELIST:CVE-2023-28980CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%
A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scenario with high route scale (>1M routes).
This issue affects:
Juniper Networks Junos OS
- 20.2 version 20.2R3-S5 and later versions prior to 20.2R3-S6;
- 20.3 version 20.3R3-S2 and later versions prior to 20.3R3-S5;
- 20.4 version 20.4R3-S1 and later versions prior to 20.4R3-S4
- 21.1 version 21.1R3 and later versions prior to 21.1R3-S3;
- 21.2 version 21.2R1-S2, 21.2R2-S1 and later versions prior to 21.2R3-S2;
- 21.3 version 21.3R2 and later versions prior to 21.3R3;
- 21.4 versions prior to 21.4R2-S1, 21.4R3;
- 22.1 versions prior to 22.1R2.
Juniper Networks Junos OS Evolved
- 20.4-EVO version 20.4R3-S1-EVO and later versions prior to 20.4R3-S6-EVO;
- 21.2-EVO version 21.2R1-S2-EVO and later versions prior to 21.2R3-S4-EVO;
- 21.3-EVO version 21.3R2-EVO and later versions prior to 21.3R3-S1-EVO;
- 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO;
- 22.1-EVO versions prior to 22.1R2-EVO.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.2R3-S6",
"status": "affected",
"version": "20.2R3-S5",
"versionType": "semver"
},
{
"lessThan": "20.3R3-S5",
"status": "affected",
"version": "20.3R3-S2",
"versionType": "semver"
},
{
"lessThan": "20.4R3-S4",
"status": "affected",
"version": "20.4R3-S1",
"versionType": "semver"
},
{
"lessThan": "21.1R3-S3",
"status": "affected",
"version": "21.1R3",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S2",
"status": "affected",
"version": "21.2R1-S2, 21.2R2-S1",
"versionType": "semver"
},
{
"lessThan": "21.3R3",
"status": "affected",
"version": "21.3R2",
"versionType": "semver"
},
{
"lessThan": "21.4R2-S1, 21.4R3",
"status": "affected",
"version": "21.4R1",
"versionType": "semver"
},
{
"lessThan": "22.1R2",
"status": "affected",
"version": "22.1R1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S6-EVO",
"status": "affected",
"version": "20.4R3-S1-EVO",
"versionType": "semver"
},
{
"lessThan": "21.2R3-S4-EVO",
"status": "affected",
"version": "21.2R1-S2-EVO",
"versionType": "semver"
},
{
"lessThan": "21.3R3-S1-EVO",
"status": "affected",
"version": "21.3R2-EVO",
"versionType": "semver"
},
{
"lessThan": "21.4R2-S1-EVO, 21.4R3-EVO",
"status": "affected",
"version": "21.4R1-EVO",
"versionType": "semver"
},
{
"lessThan": "22.1R2-EVO",
"status": "affected",
"version": "22.1R1-EVO",
"versionType": "semver"
}
]
}
]References
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%