1. Home
  2. CVE Database
  3. CVE-2023-36833
MEDIUM · 6.5

CVE-2023-36833

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauth...

Vulnerability Description

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service. An indication that the system experienced this issue is the following log message:   <date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, ... , app_name L3 Mcast Routes This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202: 21.2 version 21.2R1-EVO and later versions; 21.3 version 21.3R1-EVO and later versions; 21.4 versions prior to 21.4R3-S3-EVO; 22.1 version 22.1R1-EVO and later versions; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R3-EVO; 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos Os Evolved21.2
JuniperPtx10001-36Mr-
JuniperPtx10004-
JuniperPtx10008-
JuniperPtx10016-

Related Weaknesses (CWE)

CWE-416

References

FAQ

What is CVE-2023-36833?

CVE-2023-36833 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauth...

How severe is CVE-2023-36833?

CVE-2023-36833 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-36833?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Os Evolved, Juniper Ptx10001-36Mr, Juniper Ptx10004, Juniper Ptx10008, Juniper Ptx10016.