CVE-2023-36831
published 2023-07-14CVE-2023-36831: An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.
The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.
This issue affects Juniper Networks Junos OS on SRX Series:
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2-S1, 22.3R3;
22.4 versions prior to 22.4R1-S2, 22.4R2.
This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | srx_series | — | — |
| juniper_networks | junos_os | >= 22.2 < 22.2R3 | 22.2R3 |
| juniper_networks | junos_os | >= 22.3 < 22.3R2-S1, 22.3R3 | 22.3R2-S1, 22.3R3 |
| juniper_networks | junos_os | >= 22.4 < 22.4R1-S2, 22.4R2 | 22.4R1-S2, 22.4R2 |