CVE-2023-22414

{"id": "CVE-2023-22414", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-01-13T00:15:11.603", "references": [{"url": "https://kb.juniper.net/JSA70210", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA70210", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-401"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-401"}]}], "descriptions": [{"lang": "en", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX Series and QFX10000 Series, when specific EVPN VXLAN Multicast packets are processed, an FPC heap memory leak is observed. The FPC memory usage can be monitored using the CLI command \"show heap extensive\". Following is an example output. ID Base Total(b) Free(b) Used(b) % Name Peak used % -- -------- --------- --------- --------- --- ----------- ----------- 0 37dcf000 3221225472 1694526368 1526699104 47 Kernel 47 1 17dcf000 1048576 1048576 0 0 TOE DMA 0 2 17ecf000 1048576 1048576 0 0 DMA 0 3 17fcf000 534773760 280968336 253805424 47 Packet DMA 47 This issue affects: Juniper Networks Junos OS PTX Series and QFX10000 Series 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.1R1 on PTX Series and QFX10000 Series."}, {"lang": "es", "value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en Flexible PIC Concentrator (FPC) de Juniper Networks Junos OS permite que un atacante adyacente, no autenticado de la misma red f\u00edsica o l\u00f3gica compartida, provoque una p\u00e9rdida de memoria del mont\u00f3n y provoque una falla de FPC. En todas las series Junos PTX y QFX10000, cuando se procesan paquetes de multidifusi\u00f3n EVPN VXLAN espec\u00edficos, se observa una p\u00e9rdida de memoria del mont\u00f3n FPC. El uso de la memoria FPC se puede monitorear usando el comando CLI \"mostrar mont\u00f3n extenso\". A continuaci\u00f3n se muestra un resultado de ejemplo.ID Base Total(b) Free(b) Used(b) % Name Peak used % -- -------- --------- --------- --------- --- ----------- ----------- 0 37dcf000 3221225472 1694526368 1526699104 47 Kernel 47 1 17dcf000 1048576 1048576 0 0 TOE DMA 0 2 17ecf000 1048576 1048576 0 0 DMA 0 3 17fcf000 534773760 280968336 253805424 47 Packet DMA 47. Este problema afecta a: Juniper Networks Junos OS PTX Series y QFX10000 Series 20.2 versiones anteriores a 20.2R3-S6; Versiones 20.3 anteriores a 20.3R3-S6; Versiones 20.4 anteriores a 20.4R3-S4; Versiones 21.1 anteriores a 21.1R3-S3; Versiones 21.2 anteriores a 21.2R3-S1; Versiones 21.3 anteriores a 21.3R3; Versiones 21.4 anteriores a 21.4R3; Versiones 22.1 anteriores a 22.1R2; Versiones 22.2 anteriores a 22.2R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 20.1R1 en las series PTX y QFX10000."}], "lastModified": "2024-11-21T07:44:46.283", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E5E3FDB-3F33-4686-9B64-0152AD41939D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5E7E8D2-5D08-492E-84FC-8803E50F2CA7"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B798133-105C-448B-B06E-57327E44E478"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx10000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AF2039C-E08C-472F-82E6-DAD3F94724B5"}, {"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5"}, {"criteria": "cpe:2.3:h:juniper:qfx10002-32q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17E59530-3262-4BDC-915C-0B8D2EED7784"}, {"criteria": "cpe:2.3:h:juniper:qfx10002-60c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "626CA614-72D4-4A8B-9C38-275C7A7F8D85"}, {"criteria": "cpe:2.3:h:juniper:qfx10002-72q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0FF30F4-3D10-4AD6-9643-5826A11C7629"}, {"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550"}, {"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}