CVE-2023-36842 Junos OS: jdhcpd will hang on receiving a specific DHCP packet

🗓️ 12 Jan 2024 00:48:25Reported by juniperType

Junos OS: jdhcpd DoS vulnerability

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the DHCP Daemon (jdhcpd) on Juniper Networks Junos OS allows a attacker to cause a service failure.	19 Jan 202400:00	–	bdu_fstec
Circl	CVE-2023-36842	12 Jan 202402:26	–	circl
CNNVD	Juniper Networks Junos OS Security Vulnerability	12 Jan 202400:00	–	cnnvd
CVE	CVE-2023-36842	12 Jan 202400:48	–	cve
EUVD	EUVD-2023-40762	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA75730)	27 Apr 202600:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved	12 Jan 202400:00	–	ncsc
NVD	CVE-2023-36842	12 Jan 202401:15	–	nvd
OSV	CVE-2023-36842	12 Jan 202401:15	–	osv
Prion	Input validation	12 Jan 202401:15	–	prion

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "MX Series",
      "EX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S9",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S7",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S4",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S2, 22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA75730
first	www.first.org/cvss/calculator/4.0

12 Jan 2024 00:50Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.5

EPSS0.00291

CWE-703