Juniper Junos OS Vulnerability (JSA70192)

high Nessus Plugin ID 177295


The remote device is missing a vendor-supplied security patch.


The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70192 advisory. An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine (RE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service (DoS). The system does not recover automatically and must be manually restarted to restore service. This issue occurs when crafted TCP packets are sent directly to a configured IPv4 or IPv6 interface on the device. Transit traffic will not trigger this issue. MBUF usage can be monitored through the use of the 'show system buffers' command.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Apply the relevant Junos software release referenced in Juniper advisory JSA70192

See Also

Plugin Details

Severity: High

ID: 177295

File Name: juniper_jsa70192.nasl

Version: 1.0

Type: combined

Published: 6/14/2023

Updated: 6/14/2023

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-22396


Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/JUNOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/11/2023

Vulnerability Publication Date: 1/11/2023

Reference Information

CVE: CVE-2023-22396

JSA: JSA70192

IAVA: 2023-A-0041