{"vulnerability": "CVE-2023-36840", "sightings": [{"uuid": "c2c5a51e-341e-4c29-999c-bd9fb16b5d46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36840", "type": "seen", "source": "https://t.me/cibsecurity/66760", "content": "\u203c CVE-2023-36840 \u203c\n\nA Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition.This issue affects:Juniper Networks Junos OSAll versions prior to 19.3R3-S10;20.1 versions prior to 20.1R3-S4;20.2 versions prior to 20.2R3-S6;20.3 versions prior to 20.3R3-S6;20.4 versions prior to 20.4R3-S5;21.1 versions prior to 21.1R3-S4;21.2 versions prior to 21.2R3-S3;21.3 versions prior to 21.3R3-S2;21.4 versions prior to 21.4R3;22.1 versions prior to 22.1R3;22.2 versions prior to 22.2R2;22.3 versions prior to 22.3R2;Juniper Networks Junos OS EvolvedAll versions prior to 20.4R3-S7-EVO;21.1 versions prior to 21.1R3-S3-EVO;21.2 versions prior to 21.2R3-S5-EVO;21.3 versions prior to 21.3R3-S4-EVO;21.4 versions prior to 21.4R3-EVO;22.1 versions prior to 22.1R3-EVO;22.2 versions prior to 22.2R2-EVO;22.3 versions prior to 22.3R2-EVO;\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T22:22:50.000000Z"}]}