CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28984

A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash and restart, leading to a Denial of Service (DoS). The PFE may crash when a lot of MAC learning and aging happens, but due to a Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) that is outside the attackers direct control. This issue affects: Juniper Networks Junos OS versions prior to 19.4R3-S10 on QFX Series; 20.2 versions prior to 20.2R3-S7 on QFX Series; 20.3 versions prior to 20.3R3-S6 on QFX Series; 20.4 versions prior to 20.4R3-S5 on QFX Series; 21.1 versions prior to 21.1R3-S4 on QFX Series; 21.2 versions prior to 21.2R3-S3 on QFX Series; 21.3 versions prior to 21.3R3-S3 on QFX Series; 21.4 versions prior to 21.4R3 on QFX Series; 22.1 versions prior to 22.1R3 on QFX Series; 22.2 versions prior to 22.2R2 on QFX Series.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.7%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2023-28984

Juniper » Qfx10000 » Version: N/A

cpe:2.3:h:juniper:qfx10000:-
Juniper » Qfx10002-32q » Version: N/A

cpe:2.3:h:juniper:qfx10002-32q:-
Juniper » Qfx10002-60c » Version: N/A

cpe:2.3:h:juniper:qfx10002-60c:-
Juniper » Qfx10002-72q » Version: N/A

cpe:2.3:h:juniper:qfx10002-72q:-
Juniper » Qfx10002 » Version: N/A

cpe:2.3:h:juniper:qfx10002:-
Juniper » Qfx10008 » Version: N/A

cpe:2.3:h:juniper:qfx10008:-
Juniper » Qfx10016 » Version: N/A

cpe:2.3:h:juniper:qfx10016:-
Juniper » Qfx10k » Version: N/A

cpe:2.3:h:juniper:qfx10k:-
Juniper » Qfx3000-G » Version: N/A

cpe:2.3:h:juniper:qfx3000-g:-
Juniper » Qfx3000-M » Version: N/A

cpe:2.3:h:juniper:qfx3000-m:-
Juniper » Qfx3008-I » Version: N/A

cpe:2.3:h:juniper:qfx3008-i:-
Juniper » Qfx3100 » Version: N/A

cpe:2.3:h:juniper:qfx3100:-
Juniper » Qfx3500 » Version: N/A

cpe:2.3:h:juniper:qfx3500:-
Juniper » Qfx3600-I » Version: N/A

cpe:2.3:h:juniper:qfx3600-i:-
Juniper » Qfx3600 » Version: N/A

cpe:2.3:h:juniper:qfx3600:-
Juniper » Qfx5100-96s » Version: N/A

cpe:2.3:h:juniper:qfx5100-96s:-
Juniper » Qfx5100 » Version: N/A

cpe:2.3:h:juniper:qfx5100:-
Juniper » Qfx5110 » Version: N/A

cpe:2.3:h:juniper:qfx5110:-
Juniper » Qfx5120 » Version: N/A

cpe:2.3:h:juniper:qfx5120:-
Juniper » Qfx5130 » Version: N/A

cpe:2.3:h:juniper:qfx5130:-
Juniper » Qfx5200-32c » Version: N/A

cpe:2.3:h:juniper:qfx5200-32c:-
Juniper » Qfx5200-48y » Version: N/A

cpe:2.3:h:juniper:qfx5200-48y:-
Juniper » Qfx5200 » Version: N/A

cpe:2.3:h:juniper:qfx5200:-
Juniper » Qfx5210-64c » Version: N/A

cpe:2.3:h:juniper:qfx5210-64c:-
Juniper » Qfx5210 » Version: N/A

cpe:2.3:h:juniper:qfx5210:-
Juniper » Qfx5220 » Version: N/A

cpe:2.3:h:juniper:qfx5220:-
Juniper » Junos » Version: 20.2

cpe:2.3:o:juniper:junos:20.2
Juniper » Junos » Version: 20.3

cpe:2.3:o:juniper:junos:20.3
Juniper » Junos » Version: 20.4

cpe:2.3:o:juniper:junos:20.4
Juniper » Junos » Version: 21.1

cpe:2.3:o:juniper:junos:21.1
Juniper » Junos » Version: 21.2

cpe:2.3:o:juniper:junos:21.2
Juniper » Junos » Version: 21.3

cpe:2.3:o:juniper:junos:21.3
Juniper » Junos » Version: 21.4

cpe:2.3:o:juniper:junos:21.4
Juniper » Junos » Version: 22.1

cpe:2.3:o:juniper:junos:22.1
Juniper » Junos » Version: 22.2

cpe:2.3:o:juniper:junos:22.2
Juniper » Junos » Version: 22.3

cpe:2.3:o:juniper:junos:22.3
Juniper » Junos » Version: 22.4

cpe:2.3:o:juniper:junos:22.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28984

Products

Pricing

Contact Us