CVE-2023-22413Improper Check or Handling of Exceptional Conditions in Networks Junos OS

CWE-703Improper Check or Handling of Exceptional Conditions4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 36.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 13

Description

An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an IPsec6 tunnel, the Multiservices PIC Management Daemon (mspmand) process will core and restart. This will lead to FPC crash. Traffic flow is impacted while mspmand restarts. Continued receipt of these s

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_osunspecified19.4R3-S9+9
NVDjuniper/junos< 19.4+10

🔴Vulnerability Details

2
GHSA
GHSA-8rvm-9p93-p2qq: An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauth2023-01-13
CVEList
Junos OS: MX Series: The Multiservices PIC Management Daemon (mspmand) will crash when an IPsec6 tunnel processes specific IPv4 packets2023-01-12

📋Vendor Advisories

1
Juniper
CVE-2023-22413: An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauth2023-01-13
CVE-2023-22413 — Networks Junos OS vulnerability | cvebase