CERT-In Vulnerability Note
CIVN-2023-0311
Multiple Vulnerabilities in Juniper Junos OS
Original Issue Date: October 18, 2023
Severity Rating: HIGH
Software Affected
- Juniper Networks Junos OS 18.4 version 18.4R2 and later versions prior to 20.4R3-S8
- Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5 on QFX5k
- Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S5
- Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S5 on QFX5k
- Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S9
- Juniper Networks Junos OS 21.1 version 21.1R1 and later versions
- Juniper Networks Junos OS 21.1 version 21.1R1 and later versions prior to 21.2R3-S6
- Juniper Networks Junos OS 21.1 version 21.1R1-EVO and later versions
- Juniper Networks Junos OS 21.1 versions 21.1R1 and later
- Juniper Networks Junos OS 21.1 versions 21.1R1-EVO and later
- Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S2-EVO
- Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S4
- Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S4 on QFX5k
- Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S5
- Juniper Networks Junos OS 21.1-EVO version 21.1R1 and later versions
- Juniper Networks Junos OS 21.1-EVO version 21.1R1-EVO and later
- Juniper Networks Junos OS 21.1-EVO version 21.1R1-EVO and later versions
- Juniper Networks Junos OS 21.1-EVO version 21.1R1-EVO and later versions prior to 21.2R3-S4-EVO
- Juniper Networks Junos OS 21.1-EVO version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S2
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S2-EVO
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S3
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S3 on QFX5k
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S4
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S5
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S5-EVO
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S6
- Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S6-EVO
- Juniper Networks Junos OS 21.2-EVO version 21.2R1 and later versions
- Juniper Networks Junos OS 21.2-EVO versions prior to 21.2R3-S2-EVO
- Juniper Networks Junos OS 21.2-EVO versions prior to 21.2R3-S6-EVO
- Juniper Networks Junos OS 21.3 versions prior to 21.3R2-S2, 21.3R3-S1
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S1-EVO
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S2 on QFX5k
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S3
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S4
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S4-EVO
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S5
- Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S5-EVO
- Juniper Networks Junos OS 21.3-EVO version 21.3R1-EVO and later
- Juniper Networks Junos OS 21.3-EVO version 21.3R1-EVO and later versions
- Juniper Networks Junos OS 21.3-EVO versions prior to 21.3R3-S2-EVO
- Juniper Networks Junos OS 21.3-EVO versions prior to 21.3R3-S3-EVO
- Juniper Networks Junos OS 21.3-EVO versions prior to 21.3R3-S5-EVO
- Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S1, 21.4R3
- Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S1, 21.4R3-S5
- Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S2, 21.4R3
- Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S2-EVO
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3 on QFX5k
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S1
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S2
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S3
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S3-EVO
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S4
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S4-EVO
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S5
- Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S5-EVO
- Juniper Networks Junos OS 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO
- Juniper Networks Junos OS 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-S5-EVO
- Juniper Networks Junos OS 21.4-EVO versions prior to 21.4R3-S3-EVO
- Juniper Networks Junos OS 21.4-EVO versions prior to 21.4R3-S4-EVO
- Juniper Networks Junos OS 22.1 versions prior to 22.1R1-S2, 22.1R2
- Juniper Networks Junos OS 22.1 versions prior to 22.1R2-S2, 22.1R3
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3 on QFX5k
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S1
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S2
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S2-EVO
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S3
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S3-EVO
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S4
- Juniper Networks Junos OS 22.1 versions prior to 22.1R3-S4-EVO
- Juniper Networks Junos OS 22.1-EVO version 22.1R1-EVO and later
- Juniper Networks Junos OS 22.1-EVO version 22.1R1-EVO and later versions prior to 22.2R2-S2-EVO, 22.2R3-EVO
- Juniper Networks Junos OS 22.1-EVO versions prior to 22.1R3-EVO
- Juniper Networks Junos OS 22.1-EVO versions prior to 22.1R3-S3-EVO
- Juniper Networks Junos OS 22.1-EVO versions prior to 22.1R3-S4-EVO
- Juniper Networks Junos OS 22.2 versions 22.2R1-EVO and later
- Juniper Networks Junos OS 22.2 versions prior to 22.2R1-S1, 22.2R2
- Juniper Networks Junos OS 22.2 versions prior to 22.2R2
- Juniper Networks Junos OS 22.2 versions prior to 22.2R2 on QFX5k
- Juniper Networks Junos OS 22.2 versions prior to 22.2R2-EVO
- Juniper Networks Junos OS 22.2 versions prior to 22.2R2-S1, 22.2R3
- Juniper Networks Junos OS 22.2 versions prior to 22.2R2-S2, 22.2R3
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-EVO
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-S1
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-S1-EVO
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-S2
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-S2-EVO
- Juniper Networks Junos OS 22.2 versions prior to 22.2R3-S3-EVO
- Juniper Networks Junos OS 22.2-EVO version 22.2R1-EVO and later
- Juniper Networks Junos OS 22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO
- Juniper Networks Junos OS 22.2-EVO versions prior to 22.2R3-S2-EVO
- Juniper Networks Junos OS 22.2-EVO versions prior to 22.2R3-S3-EVO
- Juniper Networks Junos OS 22.3 versions prior to 22.3R1-S2, 22.3R2
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S1, 22.3R3
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S1, 22.3R3-S1
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S2
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S2, 22.3R3
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S2, 22.3R3-S1
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S2-EVO
- Juniper Networks Junos OS 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO
- Juniper Networks Junos OS 22.3 versions prior to 22.3R3
- Juniper Networks Junos OS 22.3 versions prior to 22.3R3-EVO
- Juniper Networks Junos OS 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO
- Juniper Networks Junos OS 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-EVO
- Juniper Networks Junos OS 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO
- Juniper Networks Junos OS 22.4 versions prior to 22.4R1-S1-EVO
- Juniper Networks Junos OS 22.4 versions prior to 22.4R1-S2, 22.4R2
- Juniper Networks Junos OS 22.4 versions prior to 22.4R2
- Juniper Networks Junos OS 22.4 versions prior to 22.4R2-EVO
- Juniper Networks Junos OS 22.4 versions prior to 22.4R2-S1, 22.4R3
- Juniper Networks Junos OS 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO
- Juniper Networks Junos OS 22.4 versions prior to 22.4R2-S2, 22.4R3
- Juniper Networks Junos OS 22.4 versions prior to 22.4R3
- Juniper Networks Junos OS 22.4 versions prior to 22.4R3-EVO
- Juniper Networks Junos OS 22.4-EVO versions prior to 22.4R2-EVO
- Juniper Networks Junos OS 22.4-EVO versions prior to 22.4R2-S1-EVO, 22.4R3-EVO
- Juniper Networks Junos OS 22.4-EVO versions prior to 22.4R3-EVO
- Juniper Networks Junos OS 23.1 versions prior to 23.1R2
- Juniper Networks Junos OS 23.2 versions prior to 23.2R1, 23.2R2
- Juniper Networks Junos OS 23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO
- Juniper Networks Junos OS 23.2 versions prior to 23.2R2
- Juniper Networks Junos OS 23.2 versions prior to 23.2R2-EVO
- Juniper Networks Junos OS 23.2-EVO versions prior to 23.2R1-EVO
- Juniper Networks Junos OS All versions prior to 20.2R3-S6 on QFX5k
- Juniper Networks Junos OS All versions prior to 20.4R3-S4
- Juniper Networks Junos OS All versions prior to 20.4R3-S4-EVO
- Juniper Networks Junos OS All versions prior to 20.4R3-S5
- Juniper Networks Junos OS All versions prior to 20.4R3-S6
- Juniper Networks Junos OS All versions prior to 20.4R3-S6-EVO
- Juniper Networks Junos OS All versions prior to 20.4R3-S7
- Juniper Networks Junos OS All versions prior to 20.4R3-S7-EVO
- Juniper Networks Junos OS All versions prior to 20.4R3-S8
- Juniper Networks Junos OS All versions prior to 20.4R3-S8, 20.4R3-S9
- Juniper Networks Junos OS All versions prior to 20.4R3-S8-EVO
- Juniper Networks Junos OS All versions prior to 21.4R3-S3-EVO
- Juniper Networks Junos OS All versions prior to 21.4R3-S4-EVO
- Juniper Networks Junos OS All versions prior to 21.4R3-S5-EVO
- Juniper Networks Junos OS All versions prior to 22.3R3-EVO
Overview
Multiple vulnerabilities have been reported in Juniper Networks Junos OS and Junos OS Evolved which could be exploited by an attacker to trigger a denial of service condition, elevate privileges, execute arbitrary code, bypass security restrictions, disclose sensitive information or manipulate data on the targeted system.
Description
These vulnerabilities affect multiple components of Juniper Networks Junos OS and Junos OS Evolved. According to the vendor bulletins listed under Vendor Information, they include:
- Daemon crashes and resource exhaustion (denial of service): the routing protocol daemon (rpd) crashes on receipt of a malformed BGP UPDATE message (CVE-2023-44204), a specific malformed ISO VPN BGP UPDATE packet (CVE-2023-44185), an attempt to send a very long AS PATH to a non-4-byte-AS-capable BGP neighbour (CVE-2023-44186), processing of newly learned BGP routes (CVE-2023-44197) and a specific genuine PIM packet (CVE-2023-44175); l2cpd crashes on specific LLDP packets (CVE-2023-36839); jkdsd crashes on multiple telemetry requests (CVE-2023-44188); a specific NETCONF command causes high CPU load (CVE-2023-44184).
- Control-plane protection bypass on Junos OS Evolved: specific TCP packets bypass a control-plane firewall filter (CVE-2023-44202), MAC address validation can be bypassed on PTX10003 Series and on PTX10001/PTX10004/PTX10008/PTX10016 (CVE-2023-44189, CVE-2023-44190), and packets not destined to the router can reach the Routing Engine (CVE-2023-44195, CVE-2023-44196).
- Packet Forwarding Engine and line-card denial of service: an FPC crash when CFM is enabled in a VPLS scenario and a specific LDP-related command is run, and an FPC reboot after prolonged routing protocol churn in a PTP scenario, on MX Series (CVE-2023-44193, CVE-2023-44199); malformed TCP traffic on MX Series (CVE-2023-36841); an FPC heap memory leak from received flow routes that the hardware does not support on PTX Series and QFX10000 Series (CVE-2023-22392); DMA memory leaks and PFE hogging on QFX5000 Series and EX Series (CVE-2023-44192, CVE-2023-44183, CVE-2023-44191); packet flooding when IGMP traffic is sent to an isolated VLAN (CVE-2023-44203); a layer 2 loop in the overlay of an EVPN-VXLAN environment on QFX5k (CVE-2023-44181); a PFE crash on malformed SSL traffic when ATP is enabled on SRX Series (CVE-2023-36843); the SIP ALG failing to drop specifically malformed retransmitted SIP packets on SRX Series and MX Series (CVE-2023-44198).
- Local and authenticated-user vulnerabilities: an unauthenticated attacker with local access to the device can create a backdoor with root privileges (CVE-2023-44194); a local attacker can retrieve sensitive information and elevate privileges to an authorized user (CVE-2023-44201); the file copy CLI command can disclose a password to shell users (CVE-2023-44187); an unchecked return value in multiple user interfaces affects the confidentiality and integrity of device operations (CVE-2023-44182); multiple vulnerabilities in CLI commands (CVE-2023-44176, CVE-2023-44177, CVE-2023-44178).
- Bundled third-party components: OpenSSL (CVE-2022-2097, CVE-2022-2274) and NTP (CVE-2023-26551 to CVE-2023-26555).
Most of the network-facing issues can be triggered by a remote or adjacent attacker sending specially crafted, and in several cases genuine, protocol traffic to the device; the backdoor, privilege escalation and CLI issues require local access to the device.
Successful exploitation of these vulnerabilities could allow an attacker to trigger a denial of service condition, elevate privileges, execute arbitrary code, bypass security restrictions, disclose sensitive information or manipulate data on the targeted system.
Solution
Apply the appropriate updates as mentioned in the Juniper security bulletins listed under Vendor Information. The fixed release differs per vulnerability and per release train, so compare the release reported by the `show version` CLI command on each device against the entries in Software Affected, treating Junos OS and Junos OS Evolved (releases suffixed -EVO) as separate products; a release that is at or above the fixed build for its own maintenance release (for example 21.3R3-S1 against "prior to 21.3R2-S2, 21.3R3-S1") is not affected by that entry, whereas 21.3R3 still is.
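As an added example (not CERT-In's or Juniper's code), the following Python script parses the entry phrasing used in the Software Affected list above and reports which entries cover a given release string, applying the reading that each comma-separated fixed build applies to its own maintenance release. The entry grammar, the names `JunosVersion`, `AffectedRange`, `affected_entries` and `SAMPLE_NOTE`, and the sample subset of entries are assumptions made here; the release string format (e.g. 21.4R3-S5, 22.2R2-S1-EVO) follows the strings used in this note.

```python
"""Added example (not CERT-In's or Juniper's code): test whether a Junos OS or Junos OS
Evolved release falls inside an entry of the Software Affected list above. The entry
grammar and the sample entries are assumptions made for illustration."""
import re
from typing import List, NamedTuple, Optional, Tuple

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(-EVO)?$")  # 21.4R3-S5, 22.2R2-S1-EVO
# Entry forms: "<train> versions prior to A, B", "<train> version X and later
# versions [prior to A]" and "All versions prior to A [on <platform>]".
_RANGE_RE = re.compile(
    r"^Juniper Networks Junos OS (?:(?P<train>\d+\.\d+)(?P<trainevo>-EVO)?|All) versions? "
    r"(?:(?P<lower>\S+) and later(?: versions)?)?"
    r"\s*(?:prior to (?P<fixes>[\w.\-]+(?:, [\w.\-]+)*))?(?: on (?P<platform>\S+))?\.?$"
)


class JunosVersion(NamedTuple):
    major: int
    minor: int
    release: int   # the R number
    service: int   # the S number, 0 when absent
    evo: bool      # Junos OS Evolved (-EVO suffix)

    @classmethod
    def parse(cls, text: str) -> "JunosVersion":
        m = _VERSION_RE.match(text.strip().rstrip("."))
        if not m:
            raise ValueError(f"unrecognised Junos release: {text!r}")
        major, minor, release, service, evo = m.groups()
        return cls(int(major), int(minor), int(release), int(service or 0), evo is not None)

    @property
    def train(self) -> Tuple[int, int]:
        return (self.major, self.minor)


def _older_than_fixes(v: JunosVersion, fixes: List[JunosVersion]) -> bool:
    """One fixed build is listed per maintenance release of a train, so
    "prior to 21.3R2-S2, 21.3R3-S1" still covers 21.3R3 (service release 0)."""
    if v.train != fixes[0].train:
        return v.train < fixes[0].train
    same = [f.service for f in fixes if f.release == v.release]
    if same:
        return v.service < min(same)
    # Release not listed: fixed only if newer than every listed release.
    return v.release < max(f.release for f in fixes)


class AffectedRange(NamedTuple):
    text: str
    train: Optional[Tuple[int, int]]   # None for "All versions"
    lower: Optional[JunosVersion]      # "X and later"
    fixes: List[JunosVersion]          # "prior to A, B"; empty means open-ended
    evo: bool                          # entry concerns Junos OS Evolved
    platform: Optional[str]            # e.g. "QFX5k"

    @classmethod
    def parse(cls, line: str) -> Optional["AffectedRange"]:
        clean = line.strip().lstrip("- ").strip()
        m = _RANGE_RE.match(clean)
        if not m:
            return None
        lower = JunosVersion.parse(m["lower"]) if m["lower"] else None
        fixes = [JunosVersion.parse(f) for f in m["fixes"].split(",")] if m["fixes"] else []
        train = tuple(int(x) for x in m["train"].split(".")) if m["train"] else None
        # Junos OS and Junos OS Evolved are separate code bases: an entry is Evolved
        # if its train, its lower bound or any fixed build carries -EVO.
        evo = bool(m["trainevo"]) or bool(lower and lower.evo) or any(f.evo for f in fixes)
        return cls(clean, train, lower, fixes, evo, m["platform"])

    def matches(self, v: JunosVersion) -> bool:
        if v.evo != self.evo:
            return False
        if self.lower is not None:
            if v < self.lower:
                return False
        elif self.train is not None and v.train != self.train:
            return False
        if not self.fixes:   # "21.1R1 and later versions": the whole train
            return v.train == (self.lower.train if self.lower else self.train)
        return _older_than_fixes(v, self.fixes)


def affected_entries(release: str, note_lines: List[str]) -> List[str]:
    """Entries of the note that cover `release` (empty list: not listed)."""
    v = JunosVersion.parse(release)
    ranges = (AffectedRange.parse(line) for line in note_lines)
    return [r.text for r in ranges if r is not None and r.matches(v)]


# Constructed subset of the Software Affected list, used as sample input.
SAMPLE_NOTE = """
- Juniper Networks Junos OS 18.4 version 18.4R2 and later versions prior to 20.4R3-S8
- Juniper Networks Junos OS 21.1 version 21.1R1 and later versions
- Juniper Networks Junos OS 21.3 versions prior to 21.3R2-S2, 21.3R3-S1
- Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S1, 21.4R3-S5
- Juniper Networks Junos OS 21.4-EVO versions prior to 21.4R3-S4-EVO
- Juniper Networks Junos OS 22.3 versions prior to 22.3R1-S2, 22.3R2.
- Juniper Networks Junos OS All versions prior to 20.2R3-S6 on QFX5k
- Juniper Networks Junos OS All versions prior to 21.4R3-S5-EVO
""".strip().splitlines()
```

Call `affected_entries("21.4R3-S4", SAMPLE_NOTE)` with the release string from `show version`; feed it the full list from this note rather than the sample to get a complete answer. An empty result means the release is not covered by the entries given, not that the device is patched, an entry ending in "on QFX5k" applies only to that platform, and a release that sits in a gap between two listed fixed builds is reported as affected on purpose.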
Vendor Information
Juniper
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-An-unauthenticated-attacker-with-local-access-to-the-device-can-create-a-backdoor-with-root-privileges-CVE-2023-44194
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10001-PTX10004-PTX10008-PTX10016-MAC-address-validation-bypass-vulnerability-CVE-2023-44190
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-MAC-address-validation-bypass-vulnerability-CVE-2023-44189
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44196
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44195
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-packets-will-bypass-a-control-plane-firewall-filter-CVE-2023-44202
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-file-copy-CLI-command-can-disclose-password-to-shell-users-CVE-2023-44187
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-An-FPC-crash-is-observed-when-CFM-is-enabled-in-a-VPLS-scenario-and-a-specific-LDP-related-command-is-run-CVE-2023-44193
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-In-a-PTP-scenario-a-prolonged-routing-protocol-churn-can-trigger-an-FPC-reboot-CVE-2023-44199
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-Receipt-of-malformed-TCP-traffic-will-cause-a-Denial-of-Service-CVE-2023-36841
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-DMA-memory-leak-is-observed-when-specific-DHCP-packets-are-transmitted-over-pseudo-VTEP-CVE-2023-44192
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-EX4600-Series-In-a-VxLAN-scenario-an-adjacent-attacker-within-the-VxLAN-sending-genuine-packets-may-cause-a-DMA-memory-leak-to-occur-CVE-2023-44183
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4000-Series-Denial-of-Service-DoS-on-a-large-scale-VLAN-due-to-PFE-hogging-CVE-2023-44191
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-series-EX2300-EX3400-EX4100-EX4400-and-EX4600-Packet-flooding-will-occur-when-IGMP-traffic-is-sent-to-an-isolated-VLAN-CVE-2023-44203
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5k-l2-loop-in-the-overlay-impacts-the-stability-in-a-EVPN-VXLAN-environment-CVE-2023-44181
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-SIP-ALG-doesn-t-drop-specifically-malformed-retransmitted-SIP-packets-CVE-2023-44198
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Vulnerability-fixed-in-OpenSSL
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-local-attacker-can-retrieve-sensitive-information-and-elevate-privileges-on-the-devices-to-an-authorized-user-CVE-2023-44201
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-Unchecked-Return-Value-in-multiple-users-interfaces-affects-confidentiality-and-integrity-of-device-operations-CVE-2023-44182
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-l2cpd-crash-will-occur-when-specific-LLDP-packets-are-received-CVE-2023-36839
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-may-occur-when-BGP-is-processing-newly-learned-routes-CVE-2023-44197
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-High-CPU-load-due-to-specific-NETCONF-command-CVE-2023-44184
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-NTP-vulnerabilities-resolved
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-when-attempting-to-send-a-very-long-AS-PATH-to-a-non-4-byte-AS-capable-BGP-neighbor-CVE-2023-44186
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-genuine-PIM-packet-causes-RPD-crash-CVE-2023-44175
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-will-crash-upon-receiving-a-malformed-BGP-UPDATE-message-CVE-2023-44204
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-jkdsd-crash-due-to-multiple-telemetry-requests-CVE-2023-44188
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-Vulnerabilities-in-CLI-command
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-The-PFE-will-crash-on-receiving-malformed-SSL-traffic-when-ATP-is-enabled-CVE-2023-36843
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-scenario-RPD-crashes-upon-receiving-and-processing-a-specific-malformed-ISO-VPN--BGP-UPDATE-packet-CVE-2023-44185
CVE Name
CVE-2022-2097
CVE-2022-2274
CVE-2023-22392
CVE-2023-26551
CVE-2023-26552
CVE-2023-26553
CVE-2023-26554
CVE-2023-26555
CVE-2023-36839
CVE-2023-36841
CVE-2023-36843
CVE-2023-44175
CVE-2023-44176
CVE-2023-44177
CVE-2023-44178
CVE-2023-44181
CVE-2023-44182
CVE-2023-44183
CVE-2023-44184
CVE-2023-44185
CVE-2023-44186
CVE-2023-44187
CVE-2023-44188
CVE-2023-44189
CVE-2023-44190
CVE-2023-44191
CVE-2023-44192
CVE-2023-44193
CVE-2023-44194
CVE-2023-44195
CVE-2023-44196
CVE-2023-44197
CVE-2023-44198
CVE-2023-44199
CVE-2023-44201
CVE-2023-44202
CVE-2023-44203
CVE-2023-44204
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India