CVE-2023-4481

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 1, 2023
Updated: Sep 7, 2023
CWE ID 79

Summary

CVE-2023-4481 is an Input Validation vulnerability affecting Juniper Networks Junos OS and Junos OS Evolved in the Routing Protocol Daemon (rpd). An unauthenticated, remote attacker can exploit this vulnerability by sending crafted BGP UPDATE messages to cause a Denial of Service (DoS). The vulnerability allows tearing down a single BGP session or propagating the issue to multiple remote systems. The impacted devices will remain non-impacted but affected systems may experience continuous DoS conditions. This vulnerability affects eBGP and iBGP sessions in both IPv4 and IPv6 implementations, and an attacker must have at least one established BGP session to exploit it.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share