Rewterz Threat Advisory – Multiple Juniper Networks Junos OS and Junos OS Evolved Vulnerabilities

October 15, 2023

Severity

Medium

Analysis Summary

CVE-2023-44196 CVSS: 6.5

Juniper Networks Junos OS Evolved could allow a remote attacker to bypass security restrictions, caused by an improper check for unusual or exceptional conditions flaw in the Packet Forwarding Engine (pfe). By sending a specially crafted request, an attacker could exploit this vulnerability to allow packets not destined to the router to reach to the RE.

CVE-2023-44201 CVSS: 5.0

Juniper Networks Junos OS and Junos OS Evolved could allow a local authenticated attacker to gain elevated privileges on the system, caused by an incorrect permission assignment for critical resource flaw in a specific file. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to read configuration changes.

CVE-2023-44186 CVSS: 7.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper handling of exceptional conditions flaw in the AS PATH processing. By sending a specially crafted BGP update message with an AS PATH, a remote attacker could exploit this vulnerability to cause RPD to crash.

CVE-2023-44199 CVSS: 7.5

Juniper Networks Junos OS on MX Series is vulnerable to a denial of service, caused by improper check for unusual or exceptional conditions flaw in the Packet Forwarding Engine (PFE). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause Precision Time Protocol (PTP) to crash and restart.

CVE-2023-44202 CVSS: 5.3

Juniper Networks Junos OS Evolved could allow a remote attacker to bypass security restrictions, caused by an incorrect authorization flaw in TCP packet processing. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass a control plane firewall filter.

CVE-2023-44187 CVSS: 5.9

Juniper Networks Junos OS Evolved could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the “file copy” command. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain passwords information, and use this information to launch further attacks against the affected system.

CVE-2023-44195 CVSS: 5.4

Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an improper restriction of communication channel to intended endpoints flaw in the NetworkStack agent daemon (nsagentd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to increase consumption of resources.

CVE-2023-44182 CVSS: 7.3

Juniper Networks Junos OS and Junos OS Evolved could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an unchecked return value flaw in the user interfaces. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2023-44204 CVSS: 6.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper validation of syntactic correctness of input flaw in the Routing Protocol Daemon (rpd). By sending a specially crafted BGP UPDATE packet, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2023-44190 CVSS: 6.1

Juniper Networks Junos OS Evolved is vulnerable to a denial of service, caused by an origin validation flaw in MAC address validation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a loop and congestion in the downstream layer-2 domain connected to the device..

CVE-2023-44197 CVSS: 7.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an out-of-bounds write flaw in the Routing Protocol Daemon (rpd). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause rpd to crash.

CVE-2023-44198 CVSS: 5.8

Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by an improper check for unusual or exceptional conditions flaw in the SIP ALG. By sending specially crafted SIP packets, an attacker could exploit this vulnerability to forward the retransmitted SIP packets.

CVE-2023-44203 CVSS: 6.5

Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper check or handling of exceptional conditions flaw in the Packet Forwarding Engine (pfe). By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause packet flooding, and results in a denial of service condition.

CVE-2023-36839 CVSS: 6.5

Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by an improper validation of specified quantity in input flaw in the Layer-2 control protocols daemon (l2cpd) . By sending specially crafted LLDP packets, a remote attacker could exploit this vulnerability to cause l2cpd to crash.