CVE-2023-36836— Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed

CVSS 4.7 · Medium EPSS 0.06% · P20 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-36836

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed

Source: NVD (National Vulnerability Database)

Vulnerability Description

A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attackers control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS 19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9; 20.1 version 20.1R2 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S6-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO version 21.2R1-EVO and later versions; 21.3-EVO versions prior to 21.3R3-S1-EVO; 21.4-EVO versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO; 22.2-EVO versions prior to 22.2R2-EVO.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

对未经初始化资源的使用

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS和Junos OS Evolved 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved都是美国瞻博网络（Juniper Networks）公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Juniper Networks Junos OS Evolved是Junos OS 的升级版系统。 Junos OS和Junos OS Evolved存在安全漏洞，该漏洞源于路由协议

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	19.4R3-S4 ~ 19.4*	-
Juniper Networks	Junos OS Evolved	unspecified ~ 20.4R3-S6-EVO	-

II. Public POCs for CVE-2023-36836

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-36836

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2023-36836

Same Patch Batch · Juniper Networks · 2023-07-14 · 12 CVEs total

CVE-2023-36835	7.5 HIGH	Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet ha
CVE-2023-28985	7.5 HIGH	SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a
CVE-2023-36832	7.5 HIGH	Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interfac
CVE-2023-36831	7.5 HIGH	Junos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied
CVE-2023-36850	6.5 MEDIUM	Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet.
CVE-2023-36849	6.5 MEDIUM	Junos OS and Junos OS Evolved: The l2cpd will crash when a malformed LLDP packet is receiv
CVE-2023-36848	6.5 MEDIUM	Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet
CVE-2023-36834	6.5 MEDIUM	Junos OS: SRX 4600 and SRX 5000 Series: The receipt of specific genuine packets by SRXes c
CVE-2023-36833	6.5 MEDIUM	Junos OS Evolved: PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202: The af
CVE-2023-36840	5.5 MEDIUM	Junos OS and Junos OS Evolved: An rpd crash occurs when a specific L2VPN command is run
CVE-2023-36838	5.5 MEDIUM	Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

Same weakness: CWE-908

V. Comments for CVE-2023-36836

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-36836— Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed

I. Basic Information for CVE-2023-36836

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-36836

III. Intelligence Information for CVE-2023-36836

Same Patch Batch · Juniper Networks · 2023-07-14 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-36836

Leave a comment