First published: Fri Jul 14 2023(Updated: )
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition. On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core. This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598. In order to identify the current SigPack version, following command can be used: user@junos# show security idp security-package-version
Credit: sirt@juniper.net sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper JUNOS | ||
Juniper vSRX | ||
Juniper Csrx | ||
Juniper Mx10 | ||
Juniper Mx10000 | ||
Juniper Mx10003 | ||
Juniper Mx10008 | ||
Juniper Mx10016 | ||
Juniper Mx104 | ||
Juniper Mx150 | ||
Juniper Mx2008 | ||
Juniper Mx2010 | ||
Juniper Mx2020 | ||
Juniper Mx204 | ||
Juniper Mx240 | ||
Juniper Mx40 | ||
Juniper Mx480 | ||
Juniper Mx5 | ||
Juniper Mx80 | ||
Juniper Mx960 | ||
Juniper Srx100 | ||
Juniper Srx110 | ||
Juniper Srx1400 | ||
Juniper Srx1500 | ||
Juniper Srx210 | ||
Juniper Srx220 | ||
Juniper Srx240 | ||
Juniper Srx240h2 | ||
Juniper Srx240m | ||
Juniper Srx300 | ||
Juniper Srx320 | ||
Juniper Srx340 | ||
Juniper Srx3400 | ||
Juniper Srx345 | ||
Juniper Srx3600 | ||
Juniper Srx380 | ||
Juniper Srx4000 | ||
Juniper Srx4100 | ||
Juniper Srx4200 | ||
Juniper Srx4600 | ||
Juniper Srx5000 | ||
Juniper Srx5400 | ||
Juniper Srx550 | ||
Juniper Srx550 Hm | ||
Juniper Srx550m | ||
Juniper Srx5600 | ||
Juniper Srx5800 | ||
Juniper Srx650 |
The following software releases have been updated to resolve this specific issue: SigPack 3598, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-28985.
The severity of CVE-2023-28985 is high.
Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series are affected by CVE-2023-28985.
CVE-2023-28985 allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).
Refer to the Juniper Networks support portal for instructions on how to mitigate CVE-2023-28985.