1. Home
  2. CVE Database
  3. CVE-2023-28985
HIGH · 7.5

CVE-2023-28985

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based...

Vulnerability Description

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition. On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core. This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598. In order to identify the current SigPack version, following command can be used: user@junos# show security idp security-package-version

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos-
JuniperVsrx-
JuniperCsrx-
JuniperMx10-
JuniperMx10000-
JuniperMx10003-
JuniperMx10008-
JuniperMx10016-
JuniperMx104-
JuniperMx150-
JuniperMx2008-
JuniperMx2010-
JuniperMx2020-
JuniperMx204-
JuniperMx240-
JuniperMx40-
JuniperMx480-
JuniperMx5-
JuniperMx80-
JuniperMx960-

Related Weaknesses (CWE)

CWE-1286

References

FAQ

What is CVE-2023-28985?

CVE-2023-28985 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based...

How severe is CVE-2023-28985?

CVE-2023-28985 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-28985?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Vsrx, Juniper Csrx, Juniper Mx10, Juniper Mx10000.