7.5

CVE-2023-28967

A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). This issue is triggered when the packets attempt to initiate a BGP connection before a BGP session is successfully established. Continued receipt of these specific BGP packets will cause a sustained Denial of Service condition. This issue is triggerable in both iBGP and eBGP deployments. This issue affects: Juniper Networks Junos OS 21.1 version 21.1R1 and later versions prior to 21.1R3-S5; 21.2 version 21.2R1 and later versions prior to 21.2R3-S2; 21.3 version 21.3R1 and later versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1. This issue affects: Juniper Networks Junos OS Evolved 21.1-EVO version 21.1R1-EVO and later versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R3-EVO; 22.2-EVO versions prior to 22.2R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.1R1-EVO.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Os Evolved Version21.1 Update-
JuniperJunos Os Evolved Version21.1 Updater1
JuniperJunos Os Evolved Version21.1 Updater1-s1
JuniperJunos Os Evolved Version21.1 Updater2
JuniperJunos Os Evolved Version21.1 Updater3
JuniperJunos Os Evolved Version21.1 Updater3-s1
JuniperJunos Os Evolved Version21.1 Updater3-s2
JuniperJunos Os Evolved Version21.1 Updater3-s3
JuniperJunos Os Evolved Version21.2 Update-
JuniperJunos Os Evolved Version21.2 Updater1
JuniperJunos Os Evolved Version21.2 Updater1-s1
JuniperJunos Os Evolved Version21.2 Updater1-s2
JuniperJunos Os Evolved Version21.2 Updater2
JuniperJunos Os Evolved Version21.2 Updater2-s1
JuniperJunos Os Evolved Version21.2 Updater2-s2
JuniperJunos Os Evolved Version21.2 Updater3
JuniperJunos Os Evolved Version21.2 Updater3-s1
JuniperJunos Os Evolved Version21.2 Updater3-s2
JuniperJunos Os Evolved Version21.2 Updater3-s3
JuniperJunos Os Evolved Version21.2 Updater3-s4
JuniperJunos Os Evolved Version21.2 Updater3-s5
JuniperJunos Os Evolved Version21.3 Update-
JuniperJunos Os Evolved Version21.3 Updater1
JuniperJunos Os Evolved Version21.3 Updater1-s1
JuniperJunos Os Evolved Version21.3 Updater2
JuniperJunos Os Evolved Version21.3 Updater2-s1
JuniperJunos Os Evolved Version21.3 Updater2-s2
JuniperJunos Os Evolved Version21.3 Updater3
JuniperJunos Os Evolved Version21.3 Updater3-s1
JuniperJunos Os Evolved Version21.3 Updater3-s2
JuniperJunos Os Evolved Version21.3 Updater3-s3
JuniperJunos Os Evolved Version21.3 Updater3-s4
JuniperJunos Os Evolved Version21.4 Update-
JuniperJunos Os Evolved Version21.4 Updater1
JuniperJunos Os Evolved Version21.4 Updater1-s1
JuniperJunos Os Evolved Version21.4 Updater1-s2
JuniperJunos Os Evolved Version21.4 Updater2
JuniperJunos Os Evolved Version21.4 Updater2-s1
JuniperJunos Os Evolved Version21.4 Updater2-s2
JuniperJunos Os Evolved Version22.1 Updater1
JuniperJunos Os Evolved Version22.1 Updater1-s1
JuniperJunos Os Evolved Version22.1 Updater1-s2
JuniperJunos Os Evolved Version22.1 Updater2
JuniperJunos Os Evolved Version22.1 Updater2-s1
JuniperJunos Os Evolved Version22.2 Updater1
JuniperJunos Os Evolved Version22.2 Updater1-s1
JuniperJunos Version21.1 Update-
JuniperJunos Version21.1 Updater1
JuniperJunos Version21.1 Updater1-s1
JuniperJunos Version21.1 Updater2
JuniperJunos Version21.1 Updater2-s1
JuniperJunos Version21.1 Updater2-s2
JuniperJunos Version21.1 Updater3
JuniperJunos Version21.1 Updater3-s1
JuniperJunos Version21.1 Updater3-s2
JuniperJunos Version21.1 Updater3-s3
JuniperJunos Version21.1 Updater3-s4
JuniperJunos Version21.2 Update-
JuniperJunos Version21.2 Updater1
JuniperJunos Version21.2 Updater1-s1
JuniperJunos Version21.2 Updater1-s2
JuniperJunos Version21.2 Updater2
JuniperJunos Version21.2 Updater2-s1
JuniperJunos Version21.2 Updater2-s2
JuniperJunos Version21.2 Updater3
JuniperJunos Version21.2 Updater3-s1
JuniperJunos Version21.3 Update-
JuniperJunos Version21.3 Updater1
JuniperJunos Version21.3 Updater1-s1
JuniperJunos Version21.3 Updater1-s2
JuniperJunos Version21.3 Updater2
JuniperJunos Version21.3 Updater2-s1
JuniperJunos Version21.3 Updater2-s2
JuniperJunos Version21.3 Updater3
JuniperJunos Version21.3 Updater3-s1
JuniperJunos Version21.4 Update-
JuniperJunos Version21.4 Updater1
JuniperJunos Version21.4 Updater1-s1
JuniperJunos Version21.4 Updater1-s2
JuniperJunos Version21.4 Updater2
JuniperJunos Version21.4 Updater2-s1
JuniperJunos Version21.4 Updater2-s2
JuniperJunos Version22.1 Updater1
JuniperJunos Version22.1 Updater1-s1
JuniperJunos Version22.1 Updater1-s2
JuniperJunos Version22.1 Updater2
JuniperJunos Version22.1 Updater2-s1
JuniperJunos Version22.1 Updater2-s2
JuniperJunos Version22.2 Updater1
JuniperJunos Version22.2 Updater1-s1
JuniperJunos Version22.2 Updater1-s2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.16% 0.379
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
sirt@juniper.net 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.