What is CVE-2023-22414?

CVE-2023-22414 is a medium-severity vulnerability in Juniper Junos, classified under Missing Release of Memory after Effective Lifetime. CVSS score: 6.5/10. Published 2023-01-13.

How severe is CVE-2023-22414?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Juniper Junos

CVE-2023-22414

A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a he…

EPSS: 0.003 (22.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Junos — versions 20.2, 20.3, 20.4
Juniper Qfx10000
Juniper Qfx10002
Juniper Qfx10002-32q
Juniper Qfx10002-60c
Juniper Qfx10002-72q
Juniper Qfx10008
Juniper Qfx10016
Juniper Networks Junos Os — versions unspecified, 20.2, 20.3

Weakness classification (CWE)

CWE-401 — Missing Release of Memory after Effective Lifetime

References

sirt@juniper.net (Vendor Advisory)

Frequently asked questions

What is CVE-2023-22414?: CVE-2023-22414 is a medium-severity vulnerability in Juniper Junos, classified under Missing Release of Memory after Effective Lifetime. CVSS score: 6.5/10. Published 2023-01-13.
How severe is CVE-2023-22414?: Medium severity. CVSS v3 base score is 6.5 out of 10.