cnvd - cnvd-2023-49463

cnvd-2023-49463

Vulnerability from cnvd

Title: Juniper Networks Junos OS拒绝服务漏洞（CNVD-2023-49463）

Description:

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。

Juniper Networks Junos OS存在拒绝服务漏洞，该漏洞源于某些USB设备连接到路由引擎 (RE) 的USB端口时，内核将崩溃，攻击者可利用该漏洞导致拒绝服务 (DoS)。

Severity: 中

Patch Name: Juniper Networks Junos OS拒绝服务漏洞（CNVD-2023-49463）的补丁

Patch Description:

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。

Juniper Networks Junos OS存在拒绝服务漏洞，该漏洞源于某些USB设备连接到路由引擎 (RE) 的USB端口时，内核将崩溃，攻击者可利用该漏洞导致拒绝服务 (DoS)。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://supportportal.juniper.net/JSA70600

Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-28975

Impacted products

Name
['Juniper Networks Junos OS <19.4R3-S10', 'Juniper Networks Junos OS >=20.2,<20.2R3-S7', 'Juniper Networks Junos OS >=20.3,<20.3R3-S6', 'Juniper Networks Junos OS >=20.4,<20.4R3-S5', 'Juniper Networks Junos OS >=21.1,<21.1R3-S4', 'Juniper Networks Junos OS >=21.2,<21.2R3-S4', 'Juniper Networks Junos OS >=21.3,<21.3R3-S3', 'Juniper Networks Junos OS >=21.4,<21.4R3-S2', 'Juniper Networks Junos OS >=22.1,<22.1R2-S2', 'Juniper Networks Junos OS >=22.1,<22.1R3', 'Juniper Networks Junos OS >=22.2,<22.2R2', 'Juniper Networks Junos OS >=22.2,<22.2R3', 'Juniper Networks Junos OS >=22.3,<22.3R1-S1', 'Juniper Networks Junos OS >=22.3,<22.3R2', 'Juniper Networks Junos OS >=22.4,<22.4R2']

Name

['Juniper Networks Junos OS <19.4R3-S10', 'Juniper Networks Junos OS >=20.2,<20.2R3-S7', 'Juniper Networks Junos OS >=20.3,<20.3R3-S6', 'Juniper Networks Junos OS >=20.4,<20.4R3-S5', 'Juniper Networks Junos OS >=21.1,<21.1R3-S4', 'Juniper Networks Junos OS >=21.2,<21.2R3-S4', 'Juniper Networks Junos OS >=21.3,<21.3R3-S3', 'Juniper Networks Junos OS >=21.4,<21.4R3-S2', 'Juniper Networks Junos OS >=22.1,<22.1R2-S2', 'Juniper Networks Junos OS >=22.1,<22.1R3', 'Juniper Networks Junos OS >=22.2,<22.2R2', 'Juniper Networks Junos OS >=22.2,<22.2R3', 'Juniper Networks Junos OS >=22.3,<22.3R1-S1', 'Juniper Networks Junos OS >=22.3,<22.3R2', 'Juniper Networks Junos OS >=22.4,<22.4R2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-28975",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-28975"
    }
  },
  "description": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\n\nJuniper Networks Junos OS\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u67d0\u4e9bUSB\u8bbe\u5907\u8fde\u63a5\u5230\u8def\u7531\u5f15\u64ce (RE) \u7684USB\u7aef\u53e3\u65f6\uff0c\u5185\u6838\u5c06\u5d29\u6e83\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1 (DoS)\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://supportportal.juniper.net/JSA70600",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-49463",
  "openTime": "2023-06-16",
  "patchDescription": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\r\n\r\nJuniper Networks Junos OS\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u67d0\u4e9bUSB\u8bbe\u5907\u8fde\u63a5\u5230\u8def\u7531\u5f15\u64ce (RE) \u7684USB\u7aef\u53e3\u65f6\uff0c\u5185\u6838\u5c06\u5d29\u6e83\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1 (DoS)\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks Junos OS\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2023-49463\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks Junos OS \u003c19.4R3-S10",
      "Juniper Networks Junos OS \u003e=20.2,\u003c20.2R3-S7",
      "Juniper Networks Junos OS \u003e=20.3,\u003c20.3R3-S6",
      "Juniper Networks Junos OS \u003e=20.4,\u003c20.4R3-S5",
      "Juniper Networks Junos OS \u003e=21.1,\u003c21.1R3-S4",
      "Juniper Networks Junos OS \u003e=21.2,\u003c21.2R3-S4",
      "Juniper Networks Junos OS \u003e=21.3,\u003c21.3R3-S3",
      "Juniper Networks Junos OS \u003e=21.4,\u003c21.4R3-S2",
      "Juniper Networks Junos OS \u003e=22.1,\u003c22.1R2-S2",
      "Juniper Networks Junos OS \u003e=22.1,\u003c22.1R3",
      "Juniper Networks Junos OS \u003e=22.2,\u003c22.2R2",
      "Juniper Networks Junos OS \u003e=22.2,\u003c22.2R3",
      "Juniper Networks Junos OS \u003e=22.3,\u003c22.3R1-S1",
      "Juniper Networks Junos OS \u003e=22.3,\u003c22.3R2",
      "Juniper Networks Junos OS \u003e=22.4,\u003c22.4R2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-28975",
  "serverity": "\u4e2d",
  "submitTime": "2023-04-20",
  "title": "Juniper Networks Junos OS\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2023-49463\uff09"
}

CVE-2023-28975 (GCVE-0-2023-28975)

Vulnerability from cvelistv5

Published

2023-04-17 00:00

Modified

2025-02-05 21:42

Severity ?

4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-394 - Unexpected Status Code or Return Value
Denial of Service (DoS)

Summary

An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel will crash leading to a reboot of the device. The device will continue to crash as long as the USB device is connected. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S10; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2, 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2; 22.4 versions prior to 22.4R2.

References

▼	URL	Tags
	https://supportportal.juniper.net/JSA70600

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Version: unspecified < 19.4R3-S10 Version: 20.2 < 20.2R3-S7 Version: 20.3 < 20.3R3-S6 Version: 20.4 < 20.4R3-S5 Version: 21.1 < 21.1R3-S4 Version: 21.2 < 21.2R3-S4 Version: 21.3 < 21.3R3-S3 Version: 21.4 < 21.4R3-S2 Version: 22.1 < 22.1R2-S2, 22.1R3 Version: 22.2 < 22.2R2 Version: 22.3 < 22.3R1-S1, 22.3R2 Version: 22.4 < 22.4R2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:51:38.773Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA70600"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28975",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T21:42:40.742252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T21:42:59.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "19.4R3-S10",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "20.2R3-S7",
              "status": "affected",
              "version": "20.2",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R3-S6",
              "status": "affected",
              "version": "20.3",
              "versionType": "custom"
            },
            {
              "lessThan": "20.4R3-S5",
              "status": "affected",
              "version": "20.4",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3-S4",
              "status": "affected",
              "version": "21.1",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2R3-S4",
              "status": "affected",
              "version": "21.2",
              "versionType": "custom"
            },
            {
              "lessThan": "21.3R3-S3",
              "status": "affected",
              "version": "21.3",
              "versionType": "custom"
            },
            {
              "lessThan": "21.4R3-S2",
              "status": "affected",
              "version": "21.4",
              "versionType": "custom"
            },
            {
              "lessThan": "22.1R2-S2, 22.1R3",
              "status": "affected",
              "version": "22.1",
              "versionType": "custom"
            },
            {
              "lessThan": "22.2R2",
              "status": "affected",
              "version": "22.2",
              "versionType": "custom"
            },
            {
              "lessThan": "22.3R1-S1, 22.3R2",
              "status": "affected",
              "version": "22.3",
              "versionType": "custom"
            },
            {
              "lessThan": "22.4R2",
              "status": "affected",
              "version": "22.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-04-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel will crash leading to a reboot of the device. The device will continue to crash as long as the USB device is connected. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S10; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2, 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2; 22.4 versions prior to 22.4R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-394",
              "description": "CWE-394 Unexpected Status Code or Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-17T00:00:00.000Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "url": "https://supportportal.juniper.net/JSA70600"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 19.4R3-S10, 20.2R3-S7, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S4, 21.3R3-S3, 21.4R3-S2, 22.1R2-S2, 22.1R3, 22.2R2, 22.3R1-S1, 22.3R2, 22.4R2, 23.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA70600",
        "defect": [
          "1638519"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: The kernel will crash when certain USB devices are inserted",
      "workarounds": [
        {
          "lang": "en",
          "value": "To reduce the risk of exploitation utilize common security BCPs to limit physical access to the devices.."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2023-28975",
    "datePublished": "2023-04-17T00:00:00.000Z",
    "dateReserved": "2023-03-29T00:00:00.000Z",
    "dateUpdated": "2025-02-05T21:42:59.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted