cbcvebase.
CVE-2023-22416
published 2023-01-13

CVE-2023-22416: A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series.

Affected

18 ranges
VendorProductVersion rangeFixed in
juniperjunos< 20.420.4
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos_os
junipermx_series
junipersrx_series
juniper_networksjunos_os>= 20.4 < 20.4R3-S520.4R3-S5
juniper_networksjunos_os>= 21.1 < 21.1R3-S421.1R3-S4
juniper_networksjunos_os>= 21.2 < 21.2R3-S221.2R3-S2
juniper_networksjunos_os>= 21.3 < 21.3R3-S121.3R3-S1
juniper_networksjunos_os>= 21.4 < 21.4R321.4R3
juniper_networksjunos_os>= 22.1 < 22.1R1-S2, 22.1R222.1R1-S2, 22.1R2
juniper_networksjunos_os>= 22.2 < 22.2R1-S1, 22.2R222.2R1-S1, 22.2R2