Rewterz Threat Advisory – Multiple Microsoft Edge Vulnerabilities
January 16, 2023
Rewterz Threat Advisory – ICS: Multiple Hitachi Energy Vulnerabilities
January 16, 2023
Severity
High
Analysis Summary
CVE-2023-22406 CVSS:7.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a memory leak flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22396 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in TCP processing on the Routing Engine (RE). By sending specially-crafted TCP packets, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-22410 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak when Control Flow Detection (scfd) is enabled. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-22414 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak flaw in the Flexible PIC Concentrator (FPC). By sending specially-crafted SIP calls, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-22393 CVSS:7.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper check for unusual or exceptional conditions in BGP route processing. By sending a specially-crafted BGP route with an invalid next-hop, a remote attacker could exploit this vulnerability to cause the Routing Protocol Daemon (RPD) to crash, resulting in a denial of service condition.
CVE-2023-22416 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a buffer overflow vulnerability in SIP ALG. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22409 CVSS:5.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an unchecked input for loop condition vulnerability in a NAT library. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22415 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an out-of-bounds write vulnerability in the H.323 ALG. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22399 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a buffer management vulnerability in the dcpfe process. By sending specific genuine packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22407 CVSS:6.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an incomplete cleanup vulnerability in the Routing Protocol Daemon (rpd). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22408 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper validation of array index vulnerability in the SIP ALG. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22403 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an allocation of resources without limits or throttling vulnerability in the Packet Forwarding Engine (PFE). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22405 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper preservation of consistency between independent representations of shared state vulnerability in the Packet Forwarding Engine (PFE). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22402 CVSS:5.9
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by a use-after-free flaw in the kernel when “bgp auto-discovery” is enabled. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the kernel to restart, resulting in a denial of service condition.
CVE-2023-22394 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak flaw in the handling of SIP calls. By sending specially-crafted SIP calls, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-22404 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an out-of-bounds write flaw in the Internet Key Exchange Protocol daemon (iked). By sending a specially-crafted payload, a remote attacker could exploit this vulnerability to cause iked to crash and restart, resulting in a denial of service condition.
CVE-2023-22417 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak flaw in the Flow Processing Daemon (flowd). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the FPC to crash, resulting in a denial of service condition.
CVE-2023-22412 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper locking vulnerability in the SIP ALG. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a flow processing daemon (flowd) crash.
CVE-2023-22401 CVSS:7.5
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper validation of array index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22397 CVSS:7.4
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an allocation of resources without limits or throttling weakness in the memory management of the Packet Forwarding Engine (PFE). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22398 CVSS:5.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an access of uninitialized pointer vulnerability in the Routing Protocol Daemon (rpd). By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-22411 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an out-of-bounds write flaw in the Flow Processing Daemon (flowd) when using Unified Policies with IPv6. By sending a specially-crafted IPv6 packet, a remote attacker could exploit this vulnerability to cause the flowd daemon to crash, resulting in a denial of service condition.
CVE-2023-22395 CVSS:6.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak in the kernel. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause a buffer leak and ultimately a loss of connectivity.
CVE-2023-22413 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check or handling of exceptional conditions in the IPsec library. By sending specially-crafted IPv4 packets, a remote attacker could exploit this vulnerability to cause the FPC to crash, resulting in a denial of service condition.
CVE-2023-22391 CVSS:7.5
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a flaw in the class-of-service (CoS) queue management. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause delays in the processing of other traffic, resulting in a denial of service condition.
CVE-2023-22400 CVSS:5.5
Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in the PFE management daemon (evo-pfemand). By sending a specially-crafted SNMP GET operation or a CLI command, a local authenticated attacker could exploit this vulnerability to cause the FPC to crash, resulting in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-22406
- CVE-2023-22396
- CVE-2023-22410
- CVE-2023-22414
- CVE-2023-22393
- CVE-2023-22416
- CVE-2023-22409
- CVE-2023-22415
- CVE-2023-22399
- CVE-2023-22407
- CVE-2023-22408
- CVE-2023-22403
- CVE-2023-22405
- CVE-2023-22402
- CVE-2023-22394
- CVE-2023-22404
- CVE-2023-22417
- CVE-2023-22412
- CVE-2023-22401
- CVE-2023-22397
- CVE-2023-22398
- CVE-2023-22411
- CVE-2023-22395
- CVE-2023-22413
- CVE-2023-22391
- CVE-2023-22400
Affected Vendors
Juniper
Affected Products
- Juniper Networks Junos OS
- Juniper Networks Junos OS 17.3
- Juniper Networks Junos OS 15.1
- Juniper Networks Junos OS 18.4
- Juniper Networks Junos OS 19.1
- Juniper Networks Junos OS 19.2
- Juniper Networks Junos OS 19.3
- Juniper Networks Junos OS 19.4
- Juniper Networks Junos OS 20.3
- Juniper Networks Junos OS 20.4
- Juniper Networks Junos OS Evolved
- Juniper Networks MX Series
- Juniper Networks Junos OS 21.2
- Juniper Networks Junos OS 21.3
- Juniper Networks Junos OS 21.4
- Juniper Networks Junos OS 22.1
- Juniper Networks Junos OS 22.3
- Juniper Networks SRX Series
- Juniper Networks Junos OS Evolved 21.3-EVO
- Juniper Networks Junos OS Evolved 21.4-EVO
- Juniper Networks Junos OS Evolved 22.3R1-EVO
- Juniper Networks Junos OS Evolved 22.1-EVO
Remediation
Refer to the Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.