CVE-2023-44176

Junos OS : Stack overflow vulnerability in CLI command processing

Description

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3.

Remediation

Solution:

The following software releases have been updated to resolve this specific issue: Junos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 22.1R3-S3, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.

Workaround:

To reduce the risk of malicious exploitation use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.

References

Link	Tags
https://supportportal.juniper.net/JSA73140	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2023-44176?: CVE-2023-44176 has been scored as a medium severity vulnerability.
How to fix CVE-2023-44176?: To fix CVE-2023-44176: The following software releases have been updated to resolve this specific issue: Junos OS: 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 22.1R3-S3, 22.3R3, 22.4R3, 23.2R1, and all subsequent releases.
Is CVE-2023-44176 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-44176 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-44176?: CVE-2023-44176 affects Juniper Networks Junos OS.

Description

Remediation

Categories

CWE-121 – Stack-based Buffer Overflow

CWE-787 – Out-of-bounds Write

References

Frequently Asked Questions