CVE-2023-36848 Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet

🗓️ 14 Jul 2023 17:52:37Reported by juniperType

Junos OS: MX Series FPC crash from malformed CFM packe

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of PPMD in Juniper Networks Junos router series MX operating systems allows a attacker to cause a service failure.	3 Nov 202300:00	–	bdu_fstec
Circl	CVE-2023-36848	14 Jul 202322:22	–	circl
CNNVD	Juniper Networks Junos OS MX 安全漏洞	14 Jul 202300:00	–	cnnvd
CVE	CVE-2023-36848	14 Jul 202317:52	–	cve
EUVD	EUVD-2023-40768	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA71659)	12 Jul 202300:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper JunOS	13 Jul 202300:00	–	ncsc
NVD	CVE-2023-36848	14 Jul 202318:15	–	nvd
Prion	Input validation	14 Jul 202318:15	–	prion
Positive Technologies	PT-2023-6695 · Juniper Networks · Junos	12 Jul 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "MX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "19.1R3-S10",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R3-S7",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R3-S8",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      },
      {
        "lessThan": "19.4R3-S12",
        "status": "affected",
        "version": "19.4",
        "versionType": "custom"
      },
      {
        "lessThan": "20.1*",
        "status": "affected",
        "version": "20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "20.2R3-S8",
        "status": "affected",
        "version": "20.2",
        "versionType": "custom"
      },
      {
        "lessThan": "20.3*",
        "status": "affected",
        "version": "20.3",
        "versionType": "custom"
      },
      {
        "lessThan": "20.4R3-S7",
        "status": "affected",
        "version": "20.4",
        "versionType": "custom"
      },
      {
        "lessThan": "21.1R3-S5",
        "status": "affected",
        "version": "21.1",
        "versionType": "custom"
      },
      {
        "lessThan": "21.2R3-S5",
        "status": "affected",
        "version": "21.2",
        "versionType": "custom"
      },
      {
        "lessThan": "21.3R3-S4",
        "status": "affected",
        "version": "21.3",
        "versionType": "custom"
      },
      {
        "lessThan": "21.4R3-S4",
        "status": "affected",
        "version": "21.4",
        "versionType": "custom"
      },
      {
        "lessThan": "22.1R3-S3",
        "status": "affected",
        "version": "22.1",
        "versionType": "custom"
      },
      {
        "lessThan": "22.2R3-S1",
        "status": "affected",
        "version": "22.2",
        "versionType": "custom"
      },
      {
        "lessThan": "22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "custom"
      },
      {
        "lessThan": "22.4R1-S2, 22.4R2",
        "status": "affected",
        "version": "22.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA71659

14 Jul 2023 17:52Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.5

EPSS0.00096

CWE-232