vulnerability
Juniper Junos OS: 2023-04 Security Bulletin: Junos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open (JSA70592) (CVE-2023-28968)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Apr 12, 2023 | Apr 13, 2023 | Jan 30, 2025 |
Description
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. An example session can be seen by running the following command and evaluating the output. user@device# run show security flow session source-prefix
extensive Session ID: , Status: Normal, State: Active Policy name: Dynamic application: junos:UNKNOWN,Solution

Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.