CVE-2023-36831

An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition.  Service restoration is only possible by rebooting the system.

The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations.  Other products, platforms, and configurations are not affected by this vulnerability.

This issue affects Juniper Networks Junos OS on SRX Series:
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2-S1, 22.3R3;
22.4 versions prior to 22.4R1-S2, 22.4R2.

This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniperCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
juniperjunos
22.2:r1
juniperjunos
22.2:r1-s1
juniperjunos
22.2:r1-s2
juniperjunos
22.2:r2
juniperjunos
22.2:r2-s1
juniperjunos
22.2:r2-s2
juniperjunos
22.3:r1
juniperjunos
22.3:r1-s1
juniperjunos
22.3:r1-s2
juniperjunos
22.3:r2
juniperjunos
22.4:r1
juniperjunos
22.4:r1-s1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://supportportal.juniper.net/JSA71636
https://supportportal.juniper.net/JSA71636