First published: Fri Jul 14 2023
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system. The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability. This issue affects Juniper Networks Junos OS on SRX Series: 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper JUNOS | =22.2-r1 | |
Juniper JUNOS | =22.2-r1-s1 | |
Juniper JUNOS | =22.2-r1-s2 | |
Juniper JUNOS | =22.2-r2 | |
Juniper JUNOS | =22.2-r2-s1 | |
Juniper JUNOS | =22.2-r2-s2 | |
Juniper JUNOS | =22.3-r1 | |
Juniper JUNOS | =22.3-r1-s1 | |
Juniper JUNOS | =22.3-r1-s2 | |
Juniper JUNOS | =22.3-r2 | |
Juniper JUNOS | =22.4-r1 | |
Juniper JUNOS | =22.4-r1-s1 | |
Juniper vSRX | | |
Juniper cSRX | | |
Juniper SRX100 | | |
Juniper SRX110 | | |
Juniper SRX1400 | | |
Juniper SRX1500 | | |
Juniper SRX210 | | |
Juniper SRX220 | | |
Juniper SRX240 | | |
Juniper SRX240H2 | | |
Juniper SRX240M | | |
Juniper SRX300 | | |
Juniper SRX320 | | |
Juniper SRX340 | | |
Juniper SRX3400 | | |
Juniper SRX345 | | |
Juniper SRX3600 | | |
Juniper SRX380 | | |
Juniper SRX4000 | | |
Juniper SRX4100 | | |
Juniper SRX4200 | | |
Juniper SRX4600 | | |
Juniper SRX5000 | | |
Juniper SRX5400 | | |
Juniper SRX550 | | |
Juniper SRX550 HM | | |
Juniper SRX550M | | |
Juniper SRX5600 | | |
Juniper SRX5800 | | |
Juniper SRX650 | | |
The following software releases have been updated to resolve this specific issue: Junos OS 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.1R1, and all subsequent releases.
CVE-2023-36831 is an Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series.
CVE-2023-36831 in Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, leading to a Denial of Service (DoS) condition.
Junos OS versions 22.2-r1, 22.2-r1-s1, 22.2-r1-s2, 22.2-r2, 22.2-r2-s1, 22.2-r2-s2, 22.3-r1, 22.3-r1-s1, 22.3-r1-s2, 22.3-r2, 22.4-r1, and 22.4-r1-s1 are affected by CVE-2023-36831.
CVE-2023-36831 has a severity rating of high, with a severity value of 7.
To fix CVE-2023-36831, it is recommended to apply the necessary updates provided by Juniper Networks. Please refer to the Juniper Networks support portal for more information.