CVE-2023-44182 Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple users interfaces affects confidentiality and integrity of device operations

🗓️ 12 Oct 2023 23:01:52Reported by juniperType

Unintended privilege escalation in Junos OS and Junos OS Evolved interface

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the command-line interface (CLI) of Juniper Networks’ Junos OS Evolved operating system, which allows a attacker to trigger a service failure.	24 Oct 202300:00	–	bdu_fstec
CNNVD	Juniper Networks Junos OS and Juniper Networks Junos OS Evolved Security Vulnerabilities	12 Oct 202300:00	–	cnnvd
CVE	CVE-2023-44182	12 Oct 202323:01	–	cve
EUVD	EUVD-2023-48541	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Unchecked Return Value (JSA73149)	20 Oct 202300:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved	12 Oct 202300:00	–	ncsc
NVD	CVE-2023-44182	13 Oct 202300:15	–	nvd
OSV	CVE-2023-44182	13 Oct 202300:15	–	osv
Prion	Privilege escalation	13 Oct 202300:15	–	prion
Positive Technologies	PT-2023-6331 · Juniper Networks · Junos Evolved +1	11 Oct 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S7",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1R3-S5",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S5",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S4",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S3",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S2",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R2-S2, 22.2R3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R1-S2, 22.3R2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.4R3-S3-EVO",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1*-EVO",
        "status": "affected",
        "version": "22.1R1-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R2-S2-EVO, 22.2R3-EVO",
        "status": "affected",
        "version": "22.2-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R1-S2-EVO, 22.3R2-EVO",
        "status": "affected",
        "version": "22.3-EVO",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
juniper	www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html
supportportal	www.supportportal.juniper.net/JSA73149
juniper	www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html

12 Oct 2023 23:07Current

9.2High risk

Vulners AI Score9.2

CVSS 3.17.3

EPSS0.00582

CWE-252