CVE-2023-44182

13.10.2023, 00:15

An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operators actions to occur.

Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should not otherwise be accessible, files not being accessible where they should be accessible, code expected to run as non-root may run as root, and so forth.

This issue affects:

Juniper Networks Junos OS



  *  All versions prior to 20.4R3-S7;
  *  21.1 versions prior to 21.1R3-S5;
  *  21.2 versions prior to 21.2R3-S5;
  *  21.3 versions prior to 21.3R3-S4;
  *  21.4 versions prior to 21.4R3-S3;
  *  22.1 versions prior to 22.1R3-S2;
  *  22.2 versions prior to 22.2R2-S2, 22.2R3;
  *  22.3 versions prior to 22.3R1-S2, 22.3R2.




Juniper Networks Junos OS Evolved



  *  All versions prior to 21.4R3-S3-EVO;
  *  22.1-EVO version 22.1R1-EVO and later versions prior to 22.2R2-S2-EVO, 22.2R3-EVO;
  *  22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.3 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
juniper	CNA	7.3 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Vendor	Product	Version
juniper	junos	𝑥 < 20.4
juniper	junos	20.4
juniper	junos	20.4:r1
juniper	junos	20.4:r1-s1
juniper	junos	20.4:r2
juniper	junos	20.4:r2-s1
juniper	junos	20.4:r2-s2
juniper	junos	20.4:r3
juniper	junos	20.4:r3-s1
juniper	junos	20.4:r3-s2
juniper	junos	20.4:r3-s3
juniper	junos	20.4:r3-s4
juniper	junos	20.4:r3-s5
juniper	junos	20.4:r3-s6
juniper	junos	21.1
juniper	junos	21.1:r1
juniper	junos	21.1:r1-s1
juniper	junos	21.1:r2
juniper	junos	21.1:r2-s1
juniper	junos	21.1:r2-s2
juniper	junos	21.1:r3
juniper	junos	21.1:r3-s1
juniper	junos	21.1:r3-s2
juniper	junos	21.1:r3-s3
juniper	junos	21.1:r3-s4
juniper	junos	21.2
juniper	junos	21.2:r1
juniper	junos	21.2:r1-s1
juniper	junos	21.2:r1-s2
juniper	junos	21.2:r2
juniper	junos	21.2:r2-s1
juniper	junos	21.2:r2-s2
juniper	junos	21.2:r3
juniper	junos	21.2:r3-s1
juniper	junos	21.2:r3-s2
juniper	junos	21.2:r3-s3
juniper	junos	21.2:r3-s4
juniper	junos	21.3
juniper	junos	21.3:r1
juniper	junos	21.3:r1-s1
juniper	junos	21.3:r1-s2
juniper	junos	21.3:r2
juniper	junos	21.3:r2-s1
juniper	junos	21.3:r2-s2
juniper	junos	21.3:r3
juniper	junos	21.3:r3-s1
juniper	junos	21.3:r3-s2
juniper	junos	21.3:r3-s3
juniper	junos	21.4
juniper	junos	21.4:r1
juniper	junos	21.4:r1-s1
juniper	junos	21.4:r1-s2
juniper	junos	21.4:r2
juniper	junos	21.4:r2-s1
juniper	junos	21.4:r2-s2
juniper	junos	21.4:r3
juniper	junos	21.4:r3-s1
juniper	junos	21.4:r3-s2
juniper	junos	22.1
juniper	junos	22.1:r1
juniper	junos	22.1:r1-s1
juniper	junos	22.1:r1-s2
juniper	junos	22.1:r2
juniper	junos	22.1:r2-s1
juniper	junos	22.1:r2-s2
juniper	junos	22.1:r3
juniper	junos	22.1:r3-s1
juniper	junos	22.2
juniper	junos	22.2:r1
juniper	junos	22.2:r1-s1
juniper	junos	22.2:r1-s2
juniper	junos	22.2:r2
juniper	junos	22.2:r2-s1
juniper	junos	22.3
juniper	junos	22.3:r1
juniper	junos	22.3:r1-s1
juniper	junos_os_evolved	𝑥 < 21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4:r1
juniper	junos_os_evolved	21.4:r1-s1
juniper	junos_os_evolved	21.4:r1-s2
juniper	junos_os_evolved	21.4:r2
juniper	junos_os_evolved	21.4:r2-s1
juniper	junos_os_evolved	21.4:r2-s2
juniper	junos_os_evolved	21.4:r3
juniper	junos_os_evolved	21.4:r3-s1
juniper	junos_os_evolved	21.4:r3-s2
juniper	junos_os_evolved	22.1:r1
juniper	junos_os_evolved	22.1:r1-s1
juniper	junos_os_evolved	22.1:r1-s2
juniper	junos_os_evolved	22.1:r2
juniper	junos_os_evolved	22.1:r2-s1
juniper	junos_os_evolved	22.1:r3
juniper	junos_os_evolved	22.1:r3-s1
juniper	junos_os_evolved	22.1:r3-s2
juniper	junos_os_evolved	22.1:r3-s3
juniper	junos_os_evolved	22.2:r1
juniper	junos_os_evolved	22.2:r1-s1
juniper	junos_os_evolved	22.2:r2
juniper	junos_os_evolved	22.2:r2-s1
juniper	junos_os_evolved	22.3:r1
juniper	junos_os_evolved	22.3:r1-s1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-252 - Unchecked Return Value
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

References

https://supportportal.juniper.net/JSA73149

https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html

https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html

https://supportportal.juniper.net/JSA73149

https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html

https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html