Juniper Junos OS Vulnerability (JSA70192)

high Nessus Plugin ID 177295

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70192 advisory. An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine (RE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service (DoS). The system does not recover automatically and must be manually restarted to restore service. This issue occurs when crafted TCP packets are sent directly to a configured IPv4 or IPv6 interface on the device. Transit traffic will not trigger this issue. MBUF usage can be monitored through the use of the 'show system buffers' command.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply the relevant Junos software release referenced in Juniper advisory JSA70192

See Also

http://www.nessus.org/u?638b86fc

http://www.nessus.org/u?c980b637

http://www.nessus.org/u?2f8cb861

http://www.nessus.org/u?8efd3d1c

Plugin Details

Severity: High

ID: 177295

File Name: juniper_jsa70192.nasl

Version: 1.0

Type: combined

Published: 6/14/2023

Updated: 6/14/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-22396

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/JUNOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/11/2023

Vulnerability Publication Date: 1/11/2023

Reference Information

CVE: CVE-2023-22396

IAVA: 2023-A-0041

JSA: JSA70192