CVE-2023-22398

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 15.1 through 15.1R7-S11 Juniper Networks Junos OS versions 19.1 through 19.1R3-S8 Juniper Networks Junos OS versions 19.2 through 19.2R1-S8 Juniper Networks Junos OS versions 19.2R3 through 19.2R3-S4 Juniper Networks Junos OS versions 19.3 through 19.3R3-S5 Juniper Networks Junos OS versions 19.4 through 19.4R2-S6 Juniper Networks Junos OS versions 19.4R3 through 19.4R3-S7 Juniper Networks Junos OS versions 20.1 through 20.1R3-S3 Juniper Networks Junos OS versions 20.2 through 20.2R3-S4 Juniper Networks Junos OS versions 20.3 through 20.3R3-S4 Juniper Networks Junos OS versions 20.4 through 20.4R3-S3 Juniper Networks Junos OS versions 21.1 through 21.1R1-S0 Juniper Networks Junos OS versions 21.1R2 through 21.1R2 Juniper Networks Junos OS Evolved versions prior to 20.4R3-S4 Juniper Networks Junos OS Evolved versions 21.1 through 21.1R2-EVO

Description An Access of Uninitialized Pointer issue in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS.

Recommendations For Juniper Networks Junos OS version 15.1, update to version 15.1R7-S12 or later. For Juniper Networks Junos OS version 19.1, update to version 19.1R3-S9 or later. For Juniper Networks Junos OS version 19.2, update to version 19.2R1-S9 or later, or version 19.2R3-S5 or later. For Juniper Networks Junos OS version 19.3, update to version 19.3R3-S6 or later. For Juniper Networks Junos OS version 19.4, update to version 19.4R2-S7 or later, or version 19.4R3-S8 or later. For Juniper Networks Junos OS version 20.1, update to version 20.1R3-S4 or later. For Juniper Networks Junos OS version 20.2, update to version 20.2R3-S5 or later. For Juniper Networks Junos OS version 20.3, update to version 20.3R3-S5 or later. For Juniper Networks Junos OS version 20.4, update to version 20.4R3-S4 or later. For Juniper Networks Junos OS version 21.1, update to version 21.1R1-S1 or later, or version 21.1R2 or later. For Juniper Networks Junos OS Evolved version prior to 20.4R3-S4, update to version 20.4R3-S4 or later. For Juniper Networks Junos OS Evolved version 21.1, update to version 21.1R2-EVO or later.