6.5

CVE-2023-44184

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane.

This issue affects:

Juniper Networks Junos OS



  *  All versions prior to 20.4R3-S7;
  *  21.2 versions prior to 21.2R3-S5;
  *  21.3 versions prior to 21.3R3-S5;
  *  21.4 versions prior to 21.4R3-S4;
  *  22.1 versions prior to 22.1R3-S2;
  *  22.2 versions prior to 22.2R3;
  *  22.3 versions prior to 22.3R2-S1, 22.3R3;
  *  22.4 versions prior to 22.4R1-S2, 22.4R2.




Juniper Networks Junos OS Evolved



  *  All versions prior to 21.4R3-S4-EVO;
  *  22.1 versions prior to 22.1R3-S2-EVO;
  *  22.2 versions prior to 22.2R3-EVO;
  *  22.3 versions prior to 22.3R3-EVO;
  *  22.4 versions prior to 22.4R2-EVO.




An indicator of compromise can be seen by first determining if the NETCONF client is logged in and fails to log out after a reasonable period of time and secondly reviewing the WCPU percentage for the mgd process by running the following command:

mgd process example:

user@device-re#> show system processes extensive | match "mgd|PID" | except last
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
92476 root 100 0 500M 89024K CPU3 3 57.5H 89.60% mgd <<<<<<<<<<< review the high cpu percentage.
Example to check for NETCONF activity:

While there is no specific command that shows a specific session in use for NETCONF, you can review logs for UI_LOG_EVENT with "client-mode 'netconf'"

For example:

mgd[38121]: UI_LOGIN_EVENT: User 'root' login, class 'super-user' [38121], ssh-connection '10.1.1.1 201 55480 10.1.1.2 22', client-mode 'netconf'

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JuniperJunos Version < 20.4
JuniperJunos Version20.4 Update-
JuniperJunos Version20.4 Updater1
JuniperJunos Version20.4 Updater1-s1
JuniperJunos Version20.4 Updater2
JuniperJunos Version20.4 Updater2-s1
JuniperJunos Version20.4 Updater2-s2
JuniperJunos Version20.4 Updater3
JuniperJunos Version20.4 Updater3-s1
JuniperJunos Version20.4 Updater3-s2
JuniperJunos Version20.4 Updater3-s3
JuniperJunos Version20.4 Updater3-s4
JuniperJunos Version20.4 Updater3-s5
JuniperJunos Version20.4 Updater3-s6
JuniperJunos Version21.2 Update-
JuniperJunos Version21.2 Updater1
JuniperJunos Version21.2 Updater1-s1
JuniperJunos Version21.2 Updater1-s2
JuniperJunos Version21.2 Updater2
JuniperJunos Version21.2 Updater2-s1
JuniperJunos Version21.2 Updater2-s2
JuniperJunos Version21.2 Updater3
JuniperJunos Version21.2 Updater3-s1
JuniperJunos Version21.2 Updater3-s2
JuniperJunos Version21.2 Updater3-s3
JuniperJunos Version21.2 Updater3-s4
JuniperJunos Version21.3 Update-
JuniperJunos Version21.3 Updater1
JuniperJunos Version21.3 Updater1-s1
JuniperJunos Version21.3 Updater1-s2
JuniperJunos Version21.3 Updater2
JuniperJunos Version21.3 Updater2-s1
JuniperJunos Version21.3 Updater2-s2
JuniperJunos Version21.3 Updater3
JuniperJunos Version21.3 Updater3-s1
JuniperJunos Version21.3 Updater3-s2
JuniperJunos Version21.3 Updater3-s3
JuniperJunos Version21.3 Updater3-s4
JuniperJunos Version21.4 Update-
JuniperJunos Version21.4 Updater1
JuniperJunos Version21.4 Updater1-s1
JuniperJunos Version21.4 Updater1-s2
JuniperJunos Version21.4 Updater2
JuniperJunos Version21.4 Updater2-s1
JuniperJunos Version21.4 Updater2-s2
JuniperJunos Version21.4 Updater3
JuniperJunos Version21.4 Updater3-s1
JuniperJunos Version21.4 Updater3-s2
JuniperJunos Version21.4 Updater3-s3
JuniperJunos Version22.1 Update-
JuniperJunos Version22.1 Updater1
JuniperJunos Version22.1 Updater1-s1
JuniperJunos Version22.1 Updater1-s2
JuniperJunos Version22.1 Updater2
JuniperJunos Version22.1 Updater2-s1
JuniperJunos Version22.1 Updater2-s2
JuniperJunos Version22.1 Updater3
JuniperJunos Version22.1 Updater3-s1
JuniperJunos Version22.2 Update-
JuniperJunos Version22.2 Updater1
JuniperJunos Version22.2 Updater1-s1
JuniperJunos Version22.2 Updater1-s2
JuniperJunos Version22.2 Updater2
JuniperJunos Version22.2 Updater2-s1
JuniperJunos Version22.2 Updater2-s2
JuniperJunos Version22.3 Update-
JuniperJunos Version22.3 Updater1
JuniperJunos Version22.3 Updater1-s1
JuniperJunos Version22.3 Updater1-s2
JuniperJunos Version22.3 Updater2
JuniperJunos Version22.4 Update-
JuniperJunos Version22.4 Updater1
JuniperJunos Version22.4 Updater1-s1
JuniperJunos Os Evolved Version < 21.4
JuniperJunos Os Evolved Version21.4 Update-
JuniperJunos Os Evolved Version21.4 Updater1
JuniperJunos Os Evolved Version21.4 Updater1-s1
JuniperJunos Os Evolved Version21.4 Updater1-s2
JuniperJunos Os Evolved Version21.4 Updater2
JuniperJunos Os Evolved Version21.4 Updater2-s1
JuniperJunos Os Evolved Version21.4 Updater2-s2
JuniperJunos Os Evolved Version21.4 Updater3
JuniperJunos Os Evolved Version21.4 Updater3-s1
JuniperJunos Os Evolved Version21.4 Updater3-s2
JuniperJunos Os Evolved Version21.4 Updater3-s3
JuniperJunos Os Evolved Version22.1 Updater1
JuniperJunos Os Evolved Version22.1 Updater1-s1
JuniperJunos Os Evolved Version22.1 Updater1-s2
JuniperJunos Os Evolved Version22.1 Updater2
JuniperJunos Os Evolved Version22.1 Updater2-s1
JuniperJunos Os Evolved Version22.1 Updater3
JuniperJunos Os Evolved Version22.1 Updater3-s1
JuniperJunos Os Evolved Version22.2 Updater1
JuniperJunos Os Evolved Version22.2 Updater1-s1
JuniperJunos Os Evolved Version22.2 Updater2
JuniperJunos Os Evolved Version22.2 Updater2-s1
JuniperJunos Os Evolved Version22.2 Updater2-s2
JuniperJunos Os Evolved Version22.3 Updater1
JuniperJunos Os Evolved Version22.3 Updater1-s1
JuniperJunos Os Evolved Version22.3 Updater1-s2
JuniperJunos Os Evolved Version22.3 Updater2
JuniperJunos Os Evolved Version22.3 Updater2-s1
JuniperJunos Os Evolved Version22.3 Updater2-s2
JuniperJunos Os Evolved Version22.4 Updater1
JuniperJunos Os Evolved Version22.4 Updater1-s1
JuniperJunos Os Evolved Version22.4 Updater1-s2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.345
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
sirt@juniper.net 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.