CVE-2023-36843
Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS).
Upon receiving malformed SSL traffic, the PFE crashes. A manual restart will be needed to recover the device.
This issue only affects devices with Juniper Networks Advanced Threat Prevention (ATP) Cloud enabled with Encrypted Traffic Insights (configured via ‘security-metadata-streaming policy’).
This issue affects Juniper Networks Junos OS:
* All versions prior to 20.4R3-S8, 20.4R3-S9;
* 21.1 version 21.1R1 and later versions;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S5;
* 22.1 versions prior to 22.1R3-S4;
* 22.2 versions prior to 22.2R3-S2;
* 22.3 versions prior to 22.3R2-S2, 22.3R3;
* 22.4 versions prior to 22.4R2-S1, 22.4R3;
Una vulnerabilidad de manejo inadecuado de elementos especiales inconsistentes en el módulo Junos Services Framework (jsf) de Juniper Networks Junos OS permite que un atacante basado en red no autenticado cause una falla en Packet Forwarding Engine (pfe) y, por lo tanto, resulte en una Denegación de Servicio (DoS). ). Al recibir tráfico SSL con formato incorrecto, el PFE falla. Será necesario un reinicio manual para recuperar el dispositivo. Este problema solo afecta a los dispositivos con Juniper Networks Advanced Threat Prevention (ATP) Cloud habilitado con Encrypted Traffic Insights (configurado a través de la 'política de transmisión de metadatos de seguridad'). Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S8, 20.4R3-S9; * 21.1 versión 21.1R1 y versiones posteriores; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R3-S4; * Versiones 22.2 anteriores a 22.2R3-S2; * Versiones 22.3 anteriores a 22.3R2-S2, 22.3R3; * Versiones 22.4 anteriores a 22.4R2-S1, 22.4R3;
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-06-27 CVE Reserved
- 2023-10-12 CVE Published
- 2024-09-11 EPSS Updated
- 2024-09-18 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-168: Improper Handling of Inconsistent Special Elements
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://supportportal.juniper.net/JSA73174 | 2023-10-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | < 20.4 Search vendor "Juniper" for product "Junos" and version " < 20.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r3-s9 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r3-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r3-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.3 Search vendor "Juniper" for product "Junos" and version "21.3" | r3-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r3-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.4 Search vendor "Juniper" for product "Junos" and version "21.4" | r3-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.1 Search vendor "Juniper" for product "Junos" and version "22.1" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.2 Search vendor "Juniper" for product "Junos" and version "22.2" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.3 Search vendor "Juniper" for product "Junos" and version "22.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.4 Search vendor "Juniper" for product "Junos" and version "22.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.4 Search vendor "Juniper" for product "Junos" and version "22.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.4 Search vendor "Juniper" for product "Junos" and version "22.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.4 Search vendor "Juniper" for product "Junos" and version "22.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 22.4 Search vendor "Juniper" for product "Junos" and version "22.4" | r3 |
Affected
| ||||||