A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service (DoS). If colored SRTE policy tunnels are provisioned via PCEP, and gRPC is used to monitor traffic in these tunnels, evo-aftmand crashes and doesn't restart which leads to a complete and persistent service impact. The system has to be manually restarted to recover. The issue is seen only when the Originator ASN field in PCEP contains a value larger than 65,535 (32-bit ASN). The issue is not reproducible when SRTE policy tunnels are statically configured. This issue affects Junos OS Evolved on PTX Series: * all versions before 22.4R3-S9-EVO, * 23.2 versions before 23.2R2-S6-EVO, * 23.4 versions before 23.4R2-S7-EVO, * 24.2 versions before 24.2R2-S4-EVO, * 24.4 versions before 24.4R2-S2-EVO, * 25.2 versions before 25.2R1-S2-EVO, 25.2R2-EVO.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:XJuniper Junos Os Evolved
OSJuniper22.423.223.424.224.425.2< 22.4Juniper Ptx10001 36mr
HWJuniperwszystkie wersjeJuniper Ptx10002 36qdd
HWJuniperwszystkie wersjeJuniper Ptx10003
HWJuniperwszystkie wersjeJuniper Ptx10004
HWJuniperwszystkie wersjeJuniper Ptx10008
HWJuniperwszystkie wersjeJuniper Ptx10016
HWJuniperwszystkie wersjeJuniper Ptx12008
HWJuniperwszystkie wersje
Powiązane podatności
RCE jako root w Juniper Junos OS Evolved — błędne uprawnienia do krytycznego zasobu
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forward...
An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Jun...
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2a...