Executive Summary

Informations
Name CVE-2023-36832 First vendor Publication 2023-07-14
Vendor Cve Last vendor Modification 2023-07-26

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 7.5
Base Score 7.5 Environmental Score 7.5
impact SubScore 3.6 Temporal Score 7.5
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwarding engine (PFE) to crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.

This issue is only triggered by packets destined to a local-interface via a service-interface (AMS). AMS is only supported on the MS-MPC, MS-MIC, and MX-SPC3 cards. This issue is not experienced on other types of interfaces or configurations. Additionally, transit traffic does not trigger this issue.

This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S5; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S2; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36832

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-755 Improper Handling of Exceptional Conditions

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Hardware 1
Os 999

Sources (Detail)

Source Url
MISC https://supportportal.juniper.net/JSA71639

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Date Informations
2024-08-02 13:50:02
  • Multiple Updates
2024-08-02 01:33:29
  • Multiple Updates
2024-02-02 02:47:08
  • Multiple Updates
2024-02-01 12:30:34
  • Multiple Updates
2023-09-05 13:41:41
  • Multiple Updates
2023-09-05 01:29:38
  • Multiple Updates
2023-09-02 13:39:47
  • Multiple Updates
2023-09-02 01:30:04
  • Multiple Updates
2023-08-12 13:45:00
  • Multiple Updates
2023-08-12 01:29:17
  • Multiple Updates
2023-08-11 13:37:06
  • Multiple Updates
2023-08-11 01:30:10
  • Multiple Updates
2023-08-06 13:33:39
  • Multiple Updates
2023-08-06 01:28:55
  • Multiple Updates
2023-08-04 05:27:43
  • Multiple Updates
2023-08-04 01:29:18
  • Multiple Updates
2023-07-27 17:27:25
  • Multiple Updates
2023-07-26 21:27:23
  • Multiple Updates
2023-07-15 00:27:17
  • Multiple Updates
2023-07-14 21:27:16
  • First insertion