{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-22398","assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","assignerShortName":"juniper","dateUpdated":"2025-04-07T15:40:07.629Z","dateReserved":"2022-12-27T00:00:00.000Z","datePublished":"2023-01-12T00:00:00.000Z"},"containers":{"cna":{"title":"Junos OS and Junos OS Evolved: RPD might crash when MPLS ping is performed on BGP LSPs","datePublic":"2023-01-11T00:00:00.000Z","providerMetadata":{"orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper","dateUpdated":"2023-01-12T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S12; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R1-S1, 21.1R2; Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-EVO."}],"affected":[{"vendor":"Juniper Networks","product":"Junos OS","versions":[{"version":"15.1","status":"affected","lessThan":"15.1R7-S12","versionType":"custom"},{"version":"19.1","status":"affected","lessThan":"19.1R3-S9","versionType":"custom"},{"version":"19.2","status":"affected","lessThan":"19.2R1-S9, 19.2R3-S5","versionType":"custom"},{"version":"19.3","status":"affected","lessThan":"19.3R3-S6","versionType":"custom"},{"version":"19.4","status":"affected","lessThan":"19.4R2-S7, 19.4R3-S8","versionType":"custom"},{"version":"20.1","status":"affected","lessThan":"20.1R3-S4","versionType":"custom"},{"version":"20.2","status":"affected","lessThan":"20.2R3-S5","versionType":"custom"},{"version":"20.3","status":"affected","lessThan":"20.3R3-S5","versionType":"custom"},{"version":"20.4","status":"affected","lessThan":"20.4R3-S4","versionType":"custom"},{"version":"21.1","status":"affected","lessThan":"21.1R1-S1, 21.1R2","versionType":"custom"}]},{"vendor":"Juniper Networks","product":"Junos OS Evolved","versions":[{"version":"unspecified","lessThan":"20.4R3-S4-EVO","status":"affected","versionType":"custom"},{"version":"21.1","status":"affected","lessThan":"21.1R2-EVO","versionType":"custom"}]}],"references":[{"url":"https://kb.juniper.net/JSA70181"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.3,"baseSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-824 Access of Uninitialized Pointer","cweId":"CWE-824"}]},{"descriptions":[{"type":"text","lang":"en","description":"Denial of Service (DoS)"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"advisory":"JSA70181","defect":["1593770"],"discovery":"USER"},"workarounds":[{"lang":"en","value":"There are no known workarounds for this issue.\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."}],"exploits":[{"lang":"en","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"solutions":[{"lang":"en","value":"The following software releases have been updated to resolve this specific issue:\nJunos OS: 15.1R7-S12, 19.1R3-S9, 19.2R1-S9, 19.2R3-S5, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.1R3-S4, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\nJunos OS Evolved: 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO and all subsequent releases."}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T10:07:06.701Z"},"title":"CVE Program Container","references":[{"url":"https://kb.juniper.net/JSA70181","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-07T15:08:28.355622Z","id":"CVE-2023-22398","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-07T15:40:07.629Z"}}]}}