CVE-2023-36833

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 14, 2023
Updated: Jul 27, 2023
CWE ID 416

Summary

CVE-2023-36833 is a Use After Free vulnerability in Juniper Networks Junos OS Evolved on select PTX Series Routers (PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202). An unauthenticated attacker can exploit this issue by triggering a Denial of Service (DoS) event on affected devices. The vulnerability is caused by a crash in the 'aftman-bt' process following multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. The respective FPC then stops forwarding traffic and requires rebooting to restore service. The affected Junos OS Evolved versions include 21.2R1-EVO and later, 21.3R1-EVO and later, 21.4 versions prior to 21.4R3-S3-EVO, 22.1R1-EVO and later, 22.2 versions prior to 22.2R3-S2-EVO, 22.3 versions prior to 22.3R3-EVO, and 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Juniper Junos Os Evolved

Affected Vendors

  • Juniper Networks

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-36833 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions