CVE-2023-44182: Unchecked Return Value in Networks Junos OS

Severity
8.8 HIGH (NVD)
CNA: 7.3
EPSS
0.1%
top 69.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Oct 13

Description

An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operator's actions to occur. Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should n

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (4 packages)

CVEListV5 juniper_networks/junos_os_evolved 22.1R1-EVO 22.1*-EVO +3
CVEListV5 juniper_networks/junos_os 21.1 21.1R3-S5 +7
NVD juniper/junos < 20.4 +8

🔴 Vulnerability Details (2)

GHSA
GHSA-rcf7-xjfr-3cgc: An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Ma (2023-10-13)
CVEList
Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple users interfaces affects confidentiality and integrity of device operations (2023-10-12)

📋 Vendor Advisories (1)

Juniper
CVE-2023-44182: An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML M (2023-10-13)