CVE-2023-36833
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2023-36833 is a Use After Free vulnerability in Juniper Networks Junos OS Evolved on select PTX Series Routers (PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202). An unauthenticated attacker can exploit this issue by triggering a Denial of Service (DoS) event on affected devices. The vulnerability is caused by a crash in the 'aftman-bt' process following multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. The respective FPC then stops forwarding traffic and requires rebooting to restore service. The affected Junos OS Evolved versions include 21.2R1-EVO and later, 21.3R1-EVO and later, 21.4 versions prior to 21.4R3-S3-EVO, 22.1R1-EVO and later, 22.2 versions prior to 22.2R3-S2-EVO, 22.3 versions prior to 22.3R3-EVO, and 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Juniper Junos Os Evolved
Affected Vendors
- Juniper Networks
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions