CVE-2023-28979

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks. This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R2.

Published: Apr 18, 2023
Updated: Apr 18, 2023
CVE: CVE-2023-28979
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.7
AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWEs:

CWE-754

Affected Software
References

Software	From	Fixed in
juniper / junos	19.3	19.3.x
juniper / junos	19.3-r1	19.3-r1.x
juniper / junos	19.4-r1	19.4-r1.x
juniper / junos	19.3-r2	19.3-r2.x
juniper / junos	19.3-r2-s1	19.3-r2-s1.x
juniper / junos	19.3-r1-s1	19.3-r1-s1.x
juniper / junos	19.4-r1-s1	19.4-r1-s1.x
juniper / junos	19.3-r2-s2	19.3-r2-s2.x
juniper / junos	19.4-r1-s2	19.4-r1-s2.x
juniper / junos	20.2-r1	20.2-r1.x
juniper / junos	19.4-r2	19.4-r2.x
juniper / junos	19.4-r2-s1	19.4-r2-s1.x
juniper / junos	19.3-r2-s3	19.3-r2-s3.x
juniper / junos	19.3-r2-s4	19.3-r2-s4.x
juniper / junos	20.2-r1-s1	20.2-r1-s1.x
juniper / junos	20.2-r1-s2	20.2-r1-s2.x
juniper / junos	19.4-r2-s2	19.4-r2-s2.x
juniper / junos	19.4-r3	19.4-r3.x
juniper / junos	19.3-r2-s5	19.3-r2-s5.x
juniper / junos	19.3-r3	19.3-r3.x
juniper / junos	20.3-r1	20.3-r1.x
juniper / junos	20.3-r1-s1	20.3-r1-s1.x
juniper / junos	20.2-r1-s3	20.2-r1-s3.x
juniper / junos	19.4-r3-s1	19.4-r3-s1.x
juniper / junos	19.4-r2-s3	19.4-r2-s3.x
juniper / junos	20.2-r2	20.2-r2.x
juniper / junos	20.2-r2-s1	20.2-r2-s1.x
juniper / junos	19.4-r1-s3	19.4-r1-s3.x
juniper / junos	20.4-r1	20.4-r1.x
juniper / junos	20.2-r2-s2	20.2-r2-s2.x
juniper / junos	20.4-r1-s1	20.4-r1-s1.x
juniper / junos	20.2-r2-s3	20.2-r2-s3.x
juniper / junos	20.3-r2	20.3-r2.x
juniper / junos	19.3-r3-s1	19.3-r3-s1.x
juniper / junos	21.1-r1	21.1-r1.x
juniper / junos	20.4-r2	20.4-r2.x
juniper / junos	20.3-r2-s1	20.3-r2-s1.x
juniper / junos	20.2-r3	20.2-r3.x
juniper / junos	20.2-r3-s1	20.2-r3-s1.x
juniper / junos	19.4-r3-s2	19.4-r3-s2.x
juniper / junos	19.4-r3-s3	19.4-r3-s3.x
juniper / junos	19.4-r3-s4	19.4-r3-s4.x
juniper / junos	19.3-r3-s2	19.3-r3-s2.x
juniper / junos	21.2-r1	21.2-r1.x
juniper / junos	20.4-r2-s1	20.4-r2-s1.x
juniper / junos	21.1-r1-s1	21.1-r1-s1.x
juniper / junos	20.3-r3	20.3-r3.x
juniper / junos	19.4-r2-s4	19.4-r2-s4.x
juniper / junos	19.4-r3-s5	19.4-r3-s5.x
juniper / junos	19.4-r1-s4	19.4-r1-s4.x
juniper / junos	19.4-r2-s5	19.4-r2-s5.x
juniper / junos	20.2-r3-s2	20.2-r3-s2.x
juniper / junos	19.3-r3-s3	19.3-r3-s3.x
juniper / junos	21.2-r1-s1	21.2-r1-s1.x
juniper / junos	21.1-r2	21.1-r2.x
juniper / junos	19.4-r3-s6	19.4-r3-s6.x
juniper / junos	20.4-r3	20.4-r3.x
juniper / junos	19.3-r2-s6	19.3-r2-s6.x
juniper / junos	19.4	19.4.x
juniper / junos	19.3-r3-s4	19.3-r3-s4.x
juniper / junos	20.2-r3-s3	20.2-r3-s3.x
juniper / junos	20.3-r3-s1	20.3-r3-s1.x
juniper / junos	21.3-r1	21.3-r1.x
juniper / junos	21.3-r2	21.3-r2.x
juniper / junos	21.2-r2	21.2-r2.x
juniper / junos	20.4-r3-s1	20.4-r3-s1.x
juniper / junos	20.4-r2-s2	20.4-r2-s2.x
juniper / junos	21.1-r3	21.1-r3.x
juniper / junos	21.1-r2-s1	21.1-r2-s1.x
juniper / junos	21.2	21.2.x
juniper / junos	21.1	21.1.x
juniper / junos	20.4	20.4.x
juniper / junos	20.3	20.3.x
juniper / junos	20.2	20.2.x
juniper / junos	21.1-r2-s2	21.1-r2-s2.x
juniper / junos	21.2-r1-s2	21.2-r1-s2.x
juniper / junos	21.2-r2-s1	21.2-r2-s1.x
juniper / junos	21.2-r2-s2	21.2-r2-s2.x
juniper / junos	21.4-r1-s1	21.4-r1-s1.x
juniper / junos	21.3-r1-s1	21.3-r1-s1.x
juniper / junos	21.3-r1-s2	21.3-r1-s2.x
juniper / junos	21.4-r1	21.4-r1.x
juniper / junos	20.3-r3-s2	20.3-r3-s2.x
juniper / junos	21.3-r2-s1	21.3-r2-s1.x
juniper / junos	21.3-r2-s2	21.3-r2-s2.x
juniper / junos	21.4-r1-s2	21.4-r1-s2.x
juniper / junos	19.3-r3-s5	19.3-r3-s5.x
juniper / junos	19.4-r2-s6	19.4-r2-s6.x
juniper / junos	19.4-r3-s7	19.4-r3-s7.x
juniper / junos	20.2-r3-s4	20.2-r3-s4.x
juniper / junos	20.3-r1-s2	20.3-r1-s2.x
juniper / junos	20.3-r3-s3	20.3-r3-s3.x
juniper / junos	20.4-r3-s2	20.4-r3-s2.x
juniper / junos	21.1-r3-s1	21.1-r3-s1.x
juniper / junos	21.2-r3	21.2-r3.x
juniper / junos	22.1-r1	22.1-r1.x
juniper / junos	21.3-r3	21.3-r3.x
juniper / junos	21.4-r2	21.4-r2.x
juniper / junos	20.4-r3-s3	20.4-r3-s3.x
juniper / junos	21.4	21.4.x
juniper / junos	21.3	21.3.x
juniper / junos	21.1-r3-s2	21.1-r3-s2.x
juniper / junos	22.1-r1-s1	22.1-r1-s1.x
juniper / junos	21.4-r3	21.4-r3.x
juniper / junos	22.1-r1-s2	22.1-r1-s2.x
juniper / junos	19.4-r3-s8	19.4-r3-s8.x
juniper / junos	20.3-r3-s4	20.3-r3-s4.x
juniper / junos	19.3-r3-s6	19.3-r3-s6.x
juniper / junos	22.2-r1	22.2-r1.x
juniper / junos	22.2-r1-s1	22.2-r1-s1.x
juniper / junos	19.4-r2-s7	19.4-r2-s7.x
juniper / junos	21.2-r3-s1	21.2-r3-s1.x
juniper / junos	20.2-r3-s5	20.2-r3-s5.x
juniper / junos	20.2-r3-s6	20.2-r3-s6.x
juniper / junos	-	19.3
juniper / junos	19.4-r3-s10	19.4-r3-s10.x
juniper / junos	19.3-r2-s7	19.3-r2-s7.x
juniper / junos	22.2-r1-s2	22.2-r1-s2.x

https://supportportal.juniper.net/JSA70604

Vulnerability Database

289,782

CVE-2023-28979