CVE-2023-36843 Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled

🗓️ 12 Oct 2023 22:58:49Reported by juniperType

Junos OS: SRX Series: PFE crash with malformed SSL traffi

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the Junos Services Framework (jsf) module of the Juniper Networks Junos operating system, which allows a attacker to trigger a Denial-of-Service Attack (DoS).	17 Oct 202300:00	–	bdu_fstec
Circl	CVE-2023-36843	13 Oct 202302:36	–	circl
CNNVD	Juniper Networks Junos OS Security Vulnerability	12 Oct 202300:00	–	cnnvd
CVE	CVE-2023-36843	12 Oct 202322:58	–	cve
EUVD	EUVD-2023-40763	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS DoS Vulnerability (JSA73174)	25 Oct 202300:00	–	nessus
NVD	CVE-2023-36843	12 Oct 202323:15	–	nvd
Prion	Input validation	12 Oct 202323:15	–	prion
Positive Technologies	PT-2023-6081 · Juniper Networks · Junos	12 Oct 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-36843 Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled	12 Oct 202322:58	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1*",
        "status": "affected",
        "version": "21.1R1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S6",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S4",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S2",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2-S2, 22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S1, 22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA73174

12 Oct 2023 22:58Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.5

EPSS0.00547

CWE-168