CVE-2023-22407 - OpenCVE

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Evolved All versions prior to 19.2R3-EVO; 19.3 versions prior to 19.3R3-EVO; 19.4 versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Junos Junos Os Evolved

Configuration 1 [-]

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:18.4:-::::::
	cpe:2.3:o:juniper:junos:18.4:r1::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s3::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s4::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s5::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s6::::::
	cpe:2.3:o:juniper:junos:18.4:r1-s7::::::
	cpe:2.3:o:juniper:junos:18.4:r2::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s10::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s3::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s4::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s5::::::
	cpe:2.3:o:juniper:junos:18.4:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.1:-::::::
	cpe:2.3:o:juniper:junos:19.1:r1::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s2::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s3::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s4::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s5::::::
	cpe:2.3:o:juniper:junos:19.1:r1-s6::::::
	cpe:2.3:o:juniper:junos:19.1:r2::::::
	cpe:2.3:o:juniper:junos:19.1:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.1:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.1:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.1:r3::::::
	cpe:2.3:o:juniper:junos:19.1:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.2:-::::::
	cpe:2.3:o:juniper:junos:19.2:r1::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s3::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s4::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s5::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s6::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s7::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s8::::::
	cpe:2.3:o:juniper:junos:19.2:r1-s9::::::
	cpe:2.3:o:juniper:junos:19.2:r2::::::
	cpe:2.3:o:juniper:junos:19.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.2:r3::::::
	cpe:2.3:o:juniper:junos:19.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:19.3:-::::::
	cpe:2.3:o:juniper:junos:19.3:r1::::::
	cpe:2.3:o:juniper:junos:19.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s3::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s4::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s5::::::
	cpe:2.3:o:juniper:junos:19.3:r2-s6::::::
	cpe:2.3:o:juniper:junos:19.4:-::::::
	cpe:2.3:o:juniper:junos:19.4:r1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s3::::::
	cpe:2.3:o:juniper:junos:19.4:r1-s4::::::
	cpe:2.3:o:juniper:junos:19.4:r2::::::
cpe:2.3:o:juniper:junos:19.4:r2-s1::::::
cpe:2.3:o:juniper:junos:19.4:r2-s2::::::
cpe:2.3:o:juniper:junos:19.4:r2-s3::::::
cpe:2.3:o:juniper:junos:19.4:r2-s4::::::
cpe:2.3:o:juniper:junos:19.4:r2-s5::::::
cpe:2.3:o:juniper:junos:19.4:r2-s6::::::
cpe:2.3:o:juniper:junos:19.4:r2-s7::::::
cpe:2.3:o:juniper:junos:20.1:-::::::
cpe:2.3:o:juniper:junos:20.1:r1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s1::::::
cpe:2.3:o:juniper:junos:20.1:r1-s2::::::
cpe:2.3:o:juniper:junos:20.1:r1-s3::::::
cpe:2.3:o:juniper:junos:20.1:r1-s4::::::
cpe:2.3:o:juniper:junos:20.2:-::::::
cpe:2.3:o:juniper:junos:20.2:r1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
cpe:2.3:o:juniper:junos:20.2:r1-s3::::::

Configuration 2 [-]

OR	cpe:2.3:o:juniper:junos_os_evolved::::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.2:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.3:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.3:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.4:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.4:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s3::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s4::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s5::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1::::::

No data.

References

Link	Providers
https://kb.juniper.net/JSA70203

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2023-01-12T00:00:00

Updated: 2024-08-02T10:07:06.587Z

Reserved: 2022-12-27T00:00:00

Link: CVE-2023-22407

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-01-13T00:15:11.077

Modified: 2023-01-20T07:57:49.667

Link: CVE-2023-22407

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object