NVD:CVE-2023-36833
Jul 14, 2023 - 5:15 p.m.

CVE-2023-36833

2023-07-14 17:15:09
CWE-416
web.nvd.nist.gov
use after free
juniper networks
junos os evolved
ptx10001-36mr
ptx10004
ptx10008
ptx10016
lc1201/1202
denial of service
multicast-only fast reroute
cve-2023-36833

CVSS3: 6.5

Attack Vector: ADJACENT
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.001
Percentile: 18.0%

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).

The process ‘aftman-bt’ will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service.

An indication that the system experienced this issue is the following log message:

<date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, … , app_name L3 Mcast Routes

This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202:
21.2 version 21.2R1-EVO and later versions;
21.3 version 21.3R1-EVO and later versions;
21.4 versions prior to 21.4R3-S3-EVO;
22.1 version 22.1R1-EVO and later versions;
22.2 versions prior to 22.2R3-S2-EVO;
22.3 versions prior to 22.3R3-EVO;
22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.
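
A triage sketch for the log indicator and the affected-release list above. This is an added example, not code from NVD or Juniper. It assumes release strings shaped like `21.4R3-S2-EVO` (optional build suffixes tolerated), uses constructed sample log lines, and does not check the platform, line card or MoFRR configuration:

```python
import re

# Log indicator quoted in the advisory; its elided middle is matched loosely.
LOG_RE = re.compile(
    r"evo-aftmand-bt\[\d+\]: \[Error\] jexpr_fdb: sanity check failed,"
    r".*app_name L3 Mcast Routes"
)
# Assumed release string shape: <train>R<n>[-S<m>]-EVO, e.g. 21.4R3-S2-EVO.
REL_RE = re.compile(r"^(\d+\.\d+)R(\d+)(?:\.\d+)?(?:-S(\d+)(?:\.\d+)?)?-EVO$", re.I)
# First fixed (R, S) per train, taken from the advisory's list; None means the
# advisory names no fixed release for that train ("R1-EVO and later versions").
FIRST_FIXED = {
    "21.2": None, "21.3": None, "22.1": None,
    "21.4": (3, 3), "22.2": (3, 2), "22.3": (3, 0), "22.4": (1, 2),
}

def is_affected(release):
    """True/False for a listed train; None if unparsable or train not listed."""
    m = REL_RE.match(release.strip())
    if not m or m.group(1) not in FIRST_FIXED:
        return None
    fixed = FIRST_FIXED[m.group(1)]
    have = (int(m.group(2)), int(m.group(3) or 0))
    return fixed is None or have < fixed

def find_indicator(lines):
    """Return the syslog lines that match the advisory's log message."""
    return [ln for ln in lines if LOG_RE.search(ln)]

# Constructed sample syslog lines (not captured from a real device); the
# "<elided>" field stands in for the part the advisory leaves out.
SAMPLE = [
    "Jul 20 10:01:02 ptx-lab evo-aftmand-bt[4321]: [Error] jexpr_fdb: "
    "sanity check failed, <elided>, app_name L3 Mcast Routes",
    "Jul 20 10:01:05 ptx-lab evo-aftmand-bt[4321]: [Info] unrelated message",
    "Jul 20 10:02:00 ptx-lab sshd[99]: Accepted publickey for admin",
]

if __name__ == "__main__":
    print(find_indicator(SAMPLE))
    print({r: is_affected(r) for r in ("21.4R3-S2-EVO", "22.4R2-EVO")})
```

A `None` result means the advisory's list does not cover that train, so it should not be read as "not affected".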

Affected configurations

Vendor | Product | Version | CPE
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*
juniper | junos_os_evolved | 21.2 | cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*

Rows 1-10 of 611
