漏洞标题
Junos OS和Junos OS进化:通过DREND的特定查询导致RPG crashes
漏洞描述信息
在Juniper Networks的Joones OS和Joones OS进化版的路由协议进程(RPD)中,不当的异常或特殊条件漏洞可能导致基于网络的未授权攻击者导致RPD崩溃,从而导致服务质量拒绝(DoS)。
在所有Joones OS和Joones OS进化版的平台上,当NETCONF和gRPC启用,并通过动态渲染(DREND)执行特定查询时,RPD将崩溃并重新启动。持续执行此特定查询将导致持续的服务质量拒绝(DoS)条件。
此问题影响:
Juniper Networks的Joones OS
* 22.2版本早于22.2R2-S2,22.2R3;
* 22.3版本早于22.3R2,22.3R3。
Juniper Networks的Joones OS进化版
* 22.2版本早于22.2R2-S2-EVO,22.2R3-EVO;
* 22.3版本早于22.3R2-EVO,22.3R3-EVO。
此问题不影响Juniper Networks:
Joos OS版本早于22.2R1;
Joos OS进化版本早于22.2R1-EVO。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
对因果或异常条件的不恰当检查
漏洞标题
Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash
漏洞描述信息
An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service (DoS).
On all Junos OS and Junos OS Evolved platforms, when NETCONF and gRPC are enabled, and a specific query is executed via Dynamic Rendering (DREND), rpd will crash and restart. Continuous execution of this specific query will cause a sustained Denial of Service (DoS) condition.
This issue affects:
Juniper Networks Junos OS
* 22.2 versions earlier than 22.2R2-S2, 22.2R3;
* 22.3 versions earlier than 22.3R2, 22.3R3.
Juniper Networks Junos OS Evolved
* 22.2 versions earlier than 22.2R2-S2-EVO, 22.2R3-EVO;
* 22.3 versions earlier than 22.3R2-EVO, 22.3R3-EVO.
This issue does not affect Juniper Networks:
Junos OS versions earlier than 22.2R1;
Junos OS Evolved versions earlier than 22.2R1-EVO.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
对因果或异常条件的不恰当检查
漏洞标题
Juniper Networks Junos OS 和 Junos OS Evolved 安全漏洞
漏洞描述信息
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Juniper Networks Junos OS Evolved是Junos OS 的升级版系统。 Juniper Networks Junos OS 和 Junos OS Evol
CVSS信息
N/A
漏洞类别
其他