CVE-2023-36834: Incomplete Internal State Distinction in Juniper Networks Junos OS

Severity
6.5 MEDIUM (NVD)
EPSS
0.1%
top 71.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Jul 14

Description

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial of Service (DoS). If an SRX is configured in L2 transparent mode the receipt of a specific genuine packet can cause a single Packet Processing Engines (PPE) component of the PFE to run into a loop, which in turn will render the PPE unavailable. Each packet will cause one PPE to get into a loop, lea

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | juniper_networks/junos_os | 20.1 | 20.1* | +10
NVD | juniper/junos | 8 versions | +7

🔴 Vulnerability Details (2)

GHSA
GHSA-6cxr-6qqw-c9xc: An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Ser | 2023-07-14
CVEList
Junos OS: SRX 4600 and SRX 5000 Series: The receipt of specific genuine packets by SRXes configured for L2 transparency will cause a DoS | 2023-07-14

📋 Vendor Advisories (1)

Juniper
CVE-2023-36834: An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Ser | 2023-07-14
CVE-2023-36834 — Incomplete Internal State Distinction | cvebase