QID 43839

Date Published: 2022-06-30

QID 43839: Juniper Network Operating System (Junos OS) Link Layer Discovery Protocol (LLDP) Out-of-Bounds Read vulnerability (JSA11181)

Juniper Junos is the network operating system used in Juniper Networks hardware systems.

The vulnerability allows an attacker to cause a Denial of Service, or allows a locally authenticated attacker to escalate their privileges to root on the target device.

Affected releases are Junos OS:
12.3 versions prior to 12.3R12-S18;
15.1 versions prior to 15.1R7-S9;
17.3 versions prior to 17.3R3-S12;
17.4 versions prior to 17.4R2-S13, 17.4R3-S5;
18.1 versions prior to 18.1R3-S13;
18.2 versions prior to 18.2R3-S8;
18.3 versions prior to 18.3R3-S5;
18.4 versions prior to 18.4R2-S8, 18.4R3-S8;
19.1 versions prior to 19.1R3-S5;
19.2 versions prior to 19.2R3-S3;
19.3 versions prior to 19.3R2-S6, 19.3R3-S2;
19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;
20.1 versions prior to 20.1R2-S2, 20.1R3;
20.2 versions prior to 20.2R3-S1;
20.3 versions prior to 20.3R2-S1, 20.3R3;
20.4 versions prior to 20.4R2.

QID detection logic (Authenticated):
It checks for a vulnerable Junos OS version.

Successful exploitation allows an attacker to execute remote code.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as Medium - 5.8 severity.
  • Solution
    The vendor has released fixes.
    The following software releases have been updated to resolve this specific issue: Junos OS 12.3R12-S18, 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2, 20.4R3, 21.1R1, 21.1R2, 21.2R1, and all subsequent releases.
    For more information, please visit JSA11181.

    CVEs related to QID 43839

    Software Advisories
    Advisory ID Software Component Link
    JSA11181 kb.juniper.net/InfoCenter/index?page=content&id=JSA11181&actp=METADATA