Juniper Junos OS: 2023-04 Security Bulletin: Junos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open (JSA70592) (CVE-2023-28968)

Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: Apr 12, 2023
Added: Apr 13, 2023
Modified: Jan 30, 2025

Description

An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic. An unauthenticated network-based attacker can then send traffic to a target device that uses the JDPI-Decoder, and the decoder, which is designed to inspect dynamic application traffic and take action on it, instead takes no action and passes the traffic through.

An example session can be seen by running the following command and evaluating the output.

user@device# run show security flow session source-prefix extensive
Session ID: , Status: Normal, State: Active
Policy name:
Dynamic application: junos:UNKNOWN,
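The check described above can be run over saved session output. The following is an added example, not code from Juniper or from this page: it groups sessions by policy and reports those on AppID-dependent policies whose dynamic application is junos:UNKNOWN. The sample text, session IDs, policy names and the "name/index" policy format are constructed assumptions, with one field group per line.

```python
import re
from collections import defaultdict

# Constructed sample in the field layout of the fragment quoted in the
# description; session IDs and policy names are made up for illustration.
SAMPLE = """\
Session ID: 1001, Status: Normal, State: Active
Policy name: block-p2p/7
Dynamic application: junos:UNKNOWN,
Session ID: 1002, Status: Normal, State: Active
Policy name: block-p2p/7
Dynamic application: junos:BITTORRENT,
Session ID: 1003, Status: Normal, State: Active
Policy name: allow-web/4
Dynamic application: junos:UNKNOWN,
"""

# Capture only the three fields the triage needs; a value ends at a comma or EOL.
FIELD = re.compile(r"(Session ID|Policy name|Dynamic application):\s*([^,\n]*)")

def parse_sessions(text):
    """Split flow-session output into one dict per 'Session ID' record."""
    sessions, cur = [], None
    for line in text.splitlines():
        for key, value in FIELD.findall(line):
            if key == "Session ID":
                cur = {"id": value.strip()}
                sessions.append(cur)
            elif cur is not None:
                cur["policy" if key == "Policy name" else "app"] = value.strip()
    return sessions

def unidentified_by_policy(text, appid_policies):
    """Return {policy: [session ids]} for sessions that hit a policy relying on
    dynamic-application matching but were left as junos:UNKNOWN."""
    hits = defaultdict(list)
    for s in parse_sessions(text):
        # Assumption: policy is printed as "name/index"; compare on the name.
        policy = s.get("policy", "").split("/")[0]
        if policy in appid_policies and s.get("app") == "junos:UNKNOWN":
            hits[policy].append(s["id"])
    return dict(hits)

if __name__ == "__main__":
    # Hypothetical policy name; pass the policies that match on applications.
    print(unidentified_by_policy(SAMPLE, {"block-p2p"}))
```

A hit marks a session to evaluate as the description suggests; it is not by itself proof that the device is affected.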

Solution

juniper-junos-os-upgrade-latest