CVE-2023-22401: Improper Validation of Array Index in Juniper Networks Junos OS

Severity: 7.5 HIGH (NVD)
EPSS: 0.4% (top 39.93%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 13

Description

An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is queried this will cause a PFE crash and the FPC will go offline and not automatically recover. A system restart is required to get the affected FPC

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (4 packages)

CVEListV5 | juniper_networks/junos_os_evolved | 21.3R3-EVO | 21.3-EVO* | +3
CVEListV5 | juniper_networks/junos_os | 22.1R2 | 22.1* | +1
NVD | juniper/junos_os_evolved | 4 versions | +3
NVD | juniper/junos | 22.1, 22.2 | +1

🔴 Vulnerability Details (2)

GHSA (2023-01-13): GHSA-5h7m-mq92-ggc6: An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos
CVEList (2023-01-12): Junos OS and Junos OS Evolved: PTX10008, PTX10016: When a specific SNMP MIB is queried the FPC will crash

📋 Vendor Advisories (1)

Juniper (2023-01-13): CVE-2023-22401: An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos