medium
6.5
CWE
459
Advisory Published
Updated

CVE-2023-22407: Junos OS and Junos OS Evolved: An RPD crash can happen due to an MPLS TE tunnel configuration change on a directly connected router

First published: Thu Jan 12 2023(Updated: )

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Evolved All versions prior to 19.2R3-EVO; 19.3 versions prior to 19.3R3-EVO; 19.4 versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Junos OS Evolved<18.4
Junos OS Evolved=18.4
Junos OS Evolved=18.4-r1
Junos OS Evolved=18.4-r1-s1
Junos OS Evolved=18.4-r1-s2
Junos OS Evolved=18.4-r1-s3
Junos OS Evolved=18.4-r1-s4
Junos OS Evolved=18.4-r1-s5
Junos OS Evolved=18.4-r1-s6
Junos OS Evolved=18.4-r1-s7
Junos OS Evolved=18.4-r2
Junos OS Evolved=18.4-r2-s1
Junos OS Evolved=18.4-r2-s10
Junos OS Evolved=18.4-r2-s2
Junos OS Evolved=18.4-r2-s3
Junos OS Evolved=18.4-r2-s4
Junos OS Evolved=18.4-r2-s5
Junos OS Evolved=18.4-r2-s6
Junos OS Evolved=19.1
Junos OS Evolved=19.1-r1
Junos OS Evolved=19.1-r1-s1
Junos OS Evolved=19.1-r1-s2
Junos OS Evolved=19.1-r1-s3
Junos OS Evolved=19.1-r1-s4
Junos OS Evolved=19.1-r1-s5
Junos OS Evolved=19.1-r1-s6
Junos OS Evolved=19.1-r2
Junos OS Evolved=19.1-r2-s1
Junos OS Evolved=19.1-r2-s2
Junos OS Evolved=19.1-r2-s3
Junos OS Evolved=19.1-r3
Junos OS Evolved=19.1-r3-s1
Junos OS Evolved=19.2
Junos OS Evolved=19.2-r1
Junos OS Evolved=19.2-r1-s1
Junos OS Evolved=19.2-r1-s2
Junos OS Evolved=19.2-r1-s3
Junos OS Evolved=19.2-r1-s4
Junos OS Evolved=19.2-r1-s5
Junos OS Evolved=19.2-r1-s6
Junos OS Evolved=19.2-r1-s7
Junos OS Evolved=19.2-r1-s8
Junos OS Evolved=19.2-r1-s9
Junos OS Evolved=19.2-r2
Junos OS Evolved=19.2-r2-s1
Junos OS Evolved=19.2-r3
Junos OS Evolved=19.2-r3-s1
Junos OS Evolved=19.3
Junos OS Evolved=19.3-r1
Junos OS Evolved=19.3-r1-s1
Junos OS Evolved=19.3-r2
Junos OS Evolved=19.3-r2-s1
Junos OS Evolved=19.3-r2-s2
Junos OS Evolved=19.3-r2-s3
Junos OS Evolved=19.3-r2-s4
Junos OS Evolved=19.3-r2-s5
Junos OS Evolved=19.3-r2-s6
Junos OS Evolved=19.4
Junos OS Evolved=19.4-r1
Junos OS Evolved=19.4-r1-s1
Junos OS Evolved=19.4-r1-s2
Junos OS Evolved=19.4-r1-s3
Junos OS Evolved=19.4-r1-s4
Junos OS Evolved=19.4-r2
Junos OS Evolved=19.4-r2-s1
Junos OS Evolved=19.4-r2-s2
Junos OS Evolved=19.4-r2-s3
Junos OS Evolved=19.4-r2-s4
Junos OS Evolved=19.4-r2-s5
Junos OS Evolved=19.4-r2-s6
Junos OS Evolved=19.4-r2-s7
Junos OS Evolved=20.1
Junos OS Evolved=20.1-r1
Junos OS Evolved=20.1-r1-s1
Junos OS Evolved=20.1-r1-s2
Junos OS Evolved=20.1-r1-s3
Junos OS Evolved=20.1-r1-s4
Junos OS Evolved=20.2
Junos OS Evolved=20.2-r1
Junos OS Evolved=20.2-r1-s1
Junos OS Evolved=20.2-r1-s2
Junos OS Evolved=20.2-r1-s3
Juniper JUNOS<19.2
Juniper JUNOS=19.2-r1
Juniper JUNOS=19.2-r2
Juniper JUNOS=19.3-r1
Juniper JUNOS=19.3-r2
Juniper JUNOS=19.4-r1
Juniper JUNOS=19.4-r1-s1
Juniper JUNOS=19.4-r2
Juniper JUNOS=19.4-r2-s1
Juniper JUNOS=19.4-r2-s2
Juniper JUNOS=20.1
Juniper JUNOS=20.1-r1
Juniper JUNOS=20.1-r1-s1
Juniper JUNOS=20.1-r2
Juniper JUNOS=20.1-r2-s1
Juniper JUNOS=20.1-r2-s2
Juniper JUNOS=20.1-r2-s3
Juniper JUNOS=20.1-r2-s4
Juniper JUNOS=20.1-r2-s5
Juniper JUNOS=20.2
Juniper JUNOS=20.2-r1
Juniper JUNOS=20.2-r1-s1

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS: 18.4R2-S7, 19.1R3-S2, 19.2R3, 19.3R3, 19.4R3, 20.1R2, 20.2R2, 20.3R1, and all subsequent releases. Junos OS Evolved: 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2023-22407?

    CVE-2023-22407 has a severity rating that could potentially lead to a Denial of Service (DoS) affecting the Routing Protocol Daemon in Juniper Networks Junos OS.

  • How do I fix CVE-2023-22407?

    To fix CVE-2023-22407, upgrade your Junos OS to a version above 18.4, or apply any available patches from Juniper Networks.

  • Which versions of Junos OS are affected by CVE-2023-22407?

    CVE-2023-22407 affects Junos OS versions 18.4 and up to but not including 20.0.

  • What kind of attack can CVE-2023-22407 facilitate?

    CVE-2023-22407 allows an adjacent, unauthenticated attacker to cause a Denial of Service by manipulating MPLS TE tunnel configurations.

  • What is the impact of CVE-2023-22407 on network services?

    The impact of CVE-2023-22407 can result in service interruption due to crashes of the Routing Protocol Daemon, disrupting network availability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203