Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
Low
Attack Vector
Local
0

CVE-2023-28980

Disclosure Date: April 12, 2023
CVE-2023-28980 CVSS v3 Base Score: 5.5
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scenario with high route scale (>1M routes).

This issue affects:
Juniper Networks Junos OS

  • 20.2 version 20.2R3-S5 and later versions prior to 20.2R3-S6;
  • 20.3 version 20.3R3-S2 and later versions prior to 20.3R3-S5;
  • 20.4 version 20.4R3-S1 and later versions prior to 20.4R3-S4
  • 21.1 version 21.1R3 and later versions prior to 21.1R3-S3;
  • 21.2 version 21.2R1-S2, 21.2R2-S1 and later versions prior to 21.2R3-S2;
  • 21.3 version 21.3R2 and later versions prior to 21.3R3;
  • 21.4 versions prior to 21.4R2-S1, 21.4R3;
  • 22.1 versions prior to 22.1R2.

Juniper Networks Junos OS Evolved

  • 20.4-EVO version 20.4R3-S1-EVO and later versions prior to 20.4R3-S6-EVO;
  • 21.2-EVO version 21.2R1-S2-EVO and later versions prior to 21.2R3-S4-EVO;
  • 21.3-EVO version 21.3R2-EVO and later versions prior to 21.3R3-S1-EVO;
  • 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO;
  • 22.1-EVO versions prior to 22.1R2-EVO.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
5.5 Medium
Impact Score:
3.6
Exploitability Score:
1.8
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Junos OS 20.2R3-S6
Junos OS 20.3R3-S5
Junos OS 20.4R3-S4
Junos OS 21.1R3-S3
Junos OS 21.2R3-S2
Junos OS 21.3R3
Junos OS 21.4R2-S1, 21.4R3
Junos OS 22.1R2
Junos OS Evolved 20.4R3-S6-EVO
Junos OS Evolved 21.2R3-S4-EVO
Junos OS Evolved 21.3R3-S1-EVO
Junos OS Evolved 21.4R2-S1-EVO, 21.4R3-EVO
Junos OS Evolved 22.1R2-EVO
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • juniper

Products

  • junos 20.2,
  • junos 20.3,
  • junos 20.4,
  • junos 21.1,
  • junos 21.2,
  • junos 21.3,
  • junos 21.4,
  • junos 22.1,
  • junos os evolved 20.4,
  • junos os evolved 21.2,
  • junos os evolved 21.3,
  • junos os evolved 21.4,
  • junos os evolved 22.1

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis