CVE-2023-44197 Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes

🗓️ 12 Oct 2023 23:05:23Reported by juniperType

Junos OS and OS Evolved: Out-of-Bounds Write in rpd may cause Do

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the Demon Routing Protocol Daemon (rpd) in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems allows a attacker to cause a service failure.	23 Oct 202300:00	–	bdu_fstec
CNNVD	Juniper Networks Junos OS and Junos OS Evolved Buffer Error Vulnerability	12 Oct 202300:00	–	cnnvd
CVE	CVE-2023-44197	12 Oct 202323:05	–	cve
EUVD	EUVD-2023-48556	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA73163)	11 Oct 202300:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved	12 Oct 202300:00	–	ncsc
NVD	CVE-2023-44197	13 Oct 202300:15	–	nvd
Prion	Cross site scripting	13 Oct 202300:15	–	prion
Positive Technologies	PT-2023-6308 · Juniper Networks · Junos Evolved +1	11 Oct 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-44197 Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes	12 Oct 202323:05	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1*",
        "status": "affected",
        "version": "21.1R1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S2",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R2-S1, 21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S8-EVO",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1*-EVO",
        "status": "affected",
        "version": "21.1R1-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S2-EVO",
        "status": "affected",
        "version": "21.2-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3*-EVO",
        "status": "affected",
        "version": "21.3R1-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R2-S1-EVO, 21.4R3-S5-EVO",
        "status": "affected",
        "version": "21.4-EVO",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA73163

12 Oct 2023 23:05Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.5

EPSS0.00515

CWE-787