CVE-2023-36843

12.10.2023, 23:15

An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS).

Upon receiving malformed SSL traffic, the PFE crashes. A manual restart will be needed to recover the device.

This issue only affects devices with Juniper Networks Advanced Threat Prevention (ATP) Cloud enabled with Encrypted Traffic Insights (configured via security-metadata-streaming policy).

This issue affects Juniper Networks Junos OS:



  *  All versions prior to 20.4R3-S8, 20.4R3-S9;
  *  21.1 version 21.1R1 and later versions;
  *  21.2 versions prior to 21.2R3-S6;
  *  21.3 versions prior to 21.3R3-S5;
  *  21.4 versions prior to 21.4R3-S5;
  *  22.1 versions prior to 22.1R3-S4;
  *  22.2 versions prior to 22.2R3-S2;
  *  22.3 versions prior to 22.3R2-S2, 22.3R3;
  *  22.4 versions prior to 22.4R2-S1, 22.4R3;

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 26%

Vendor	Product	Version
juniper_networks	junos_os	𝑥 < 20.4r3-s8
juniper_networks	junos_os	21.2r3-s6 < 𝑥 < 21.2r3-s6
juniper_networks	junos_os	21.3r3-s5 < 𝑥 < 21.3r3-s5
juniper_networks	junos_os	21.4r3-s5 < 𝑥 < 21.4r3-s5
juniper_networks	junos_os	22.1r3-s2 < 𝑥 < 22.1r3-s2
juniper_networks	junos_os	22.2r3-s2 < 𝑥 < 22.2r3-s2
juniper_networks	junos_os	22.3r2-s2 < 𝑥 < 22.3r2-s2
juniper_networks	junos_os	22.3r3 < 𝑥 < 22.3r3
juniper_networks	junos_os	22.4r2-s2 < 𝑥 < 22.4r2-s2
juniper_networks	junos_os	22.4r3 < 𝑥 < 22.4r3
juniper	junos	𝑥 < 20.4
juniper	junos	20.4
juniper	junos	20.4:r1
juniper	junos	20.4:r1-s1
juniper	junos	20.4:r2
juniper	junos	20.4:r2-s1
juniper	junos	20.4:r2-s2
juniper	junos	20.4:r3
juniper	junos	20.4:r3-s1
juniper	junos	20.4:r3-s2
juniper	junos	20.4:r3-s3
juniper	junos	20.4:r3-s4
juniper	junos	20.4:r3-s5
juniper	junos	20.4:r3-s6
juniper	junos	20.4:r3-s7
juniper	junos	20.4:r3-s9
juniper	junos	21.1:r1
juniper	junos	21.1:r1-s1
juniper	junos	21.1:r2
juniper	junos	21.1:r2-s1
juniper	junos	21.1:r2-s2
juniper	junos	21.1:r3
juniper	junos	21.1:r3-s1
juniper	junos	21.1:r3-s2
juniper	junos	21.1:r3-s3
juniper	junos	21.1:r3-s4
juniper	junos	21.1:r3-s5
juniper	junos	21.2
juniper	junos	21.2:r1
juniper	junos	21.2:r1-s1
juniper	junos	21.2:r1-s2
juniper	junos	21.2:r2
juniper	junos	21.2:r2-s1
juniper	junos	21.2:r2-s2
juniper	junos	21.2:r3
juniper	junos	21.2:r3-s1
juniper	junos	21.2:r3-s2
juniper	junos	21.2:r3-s3
juniper	junos	21.2:r3-s4
juniper	junos	21.2:r3-s5
juniper	junos	21.3
juniper	junos	21.3:r1
juniper	junos	21.3:r1-s1
juniper	junos	21.3:r1-s2
juniper	junos	21.3:r2
juniper	junos	21.3:r2-s1
juniper	junos	21.3:r2-s2
juniper	junos	21.3:r3
juniper	junos	21.3:r3-s1
juniper	junos	21.3:r3-s2
juniper	junos	21.3:r3-s3
juniper	junos	21.3:r3-s4
juniper	junos	21.4
juniper	junos	21.4:r1
juniper	junos	21.4:r1-s1
juniper	junos	21.4:r1-s2
juniper	junos	21.4:r2
juniper	junos	21.4:r2-s1
juniper	junos	21.4:r2-s2
juniper	junos	21.4:r3
juniper	junos	21.4:r3-s1
juniper	junos	21.4:r3-s2
juniper	junos	21.4:r3-s3
juniper	junos	21.4:r3-s4
juniper	junos	22.1:r1
juniper	junos	22.1:r1-s1
juniper	junos	22.1:r1-s2
juniper	junos	22.1:r2
juniper	junos	22.1:r2-s1
juniper	junos	22.1:r2-s2
juniper	junos	22.1:r3
juniper	junos	22.1:r3-s1
juniper	junos	22.2:r1
juniper	junos	22.2:r1-s1
juniper	junos	22.2:r1-s2
juniper	junos	22.2:r2
juniper	junos	22.2:r2-s1
juniper	junos	22.2:r2-s2
juniper	junos	22.2:r3
juniper	junos	22.2:r3-s1
juniper	junos	22.3:r1
juniper	junos	22.3:r1-s1
juniper	junos	22.3:r1-s2
juniper	junos	22.3:r2
juniper	junos	22.3:r2-s1
juniper	junos	22.3:r3
juniper	junos	22.4:r1
juniper	junos	22.4:r1-s1
juniper	junos	22.4:r1-s2
juniper	junos	22.4:r2
juniper	junos	22.4:r3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-168 - Improper Handling of Inconsistent Special Elements
The software does not properly handle input in which an inconsistency exists between two or more special characters or reserved words.

References

https://supportportal.juniper.net/JSA73174