CVE-2023-28985Improper Validation of Syntactic Correctness of Input in Networks Junos OS

CWE-1286Improper Validation of Syntactic Correctness of Input4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 61.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Networks Junos OS
Timeline
PublishedJul 14

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition. On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

CVEListV5juniper_networks/junos_osunspecifiedSigPack 3598

🔴Vulnerability Details

2
GHSA
GHSA-qr5c-3grv-7gcm: An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and2023-07-14
CVEList
SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received2023-07-14

📋Vendor Advisories

1
Juniper
CVE-2023-28985: An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and2023-07-14
CVE-2023-28985 — Networks Junos OS vulnerability | cvebase