CVE-2023-36831
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.
The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.
This issue affects Juniper Networks Junos OS on SRX Series: 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2.
This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 22.2 < 22.2R3 | affected |
| Juniper Networks | Junos OS | 22.3 < 22.3R2-S1, 22.3R3 | affected |
| Juniper Networks | Junos OS | 22.4 < 22.4R1-S2, 22.4R2 | affected |
| Juniper Networks | Junos OS | unspecified < 22.2R2 | unaffected |
Weaknesses
- CWE-703: CWE-703 Improper Check or Handling of Exceptional Conditions
- Denial of Service (DoS)
Workarounds
There are no known workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.