CVE-2023-22409 (GCVE-0-2023-22409)
Vulnerability from cvelistv5
Published
2023-01-12 00:00
Modified
2025-04-07 15:33
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2.
References
sirt@juniper.nethttps://kb.juniper.net/JSA70205Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/JSA70205Vendor Advisory
Impacted products
Vendor Product Version
Juniper Networks Junos OS Version: unspecified   < 19.4R3-S10
Version: 20.1R1   < 20.1*
Version: 20.2   < 20.2R3-S6
Version: 20.3   < 20.3R3-S6
Version: 20.4   < 20.4R3-S5
Version: 21.1   < 21.1R3-S4
Version: 21.2   < 21.2R3-S3
Version: 21.3   < 21.3R3-S3
Version: 21.4   < 21.4R3-S1
Version: 22.1   < 22.1R2-S2, 22.1R3
Version: 22.2   < 22.2R2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T10:07:06.724Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kb.juniper.net/JSA70205",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-22409",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-04-07T14:57:50.420083Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-04-07T15:33:24.631Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               platforms: [
                  "SRX Series, MX Series with SPC3",
               ],
               product: "Junos OS",
               vendor: "Juniper Networks",
               versions: [
                  {
                     lessThan: "19.4R3-S10",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
                  {
                     lessThan: "20.1*",
                     status: "affected",
                     version: "20.1R1",
                     versionType: "custom",
                  },
                  {
                     lessThan: "20.2R3-S6",
                     status: "affected",
                     version: "20.2",
                     versionType: "custom",
                  },
                  {
                     lessThan: "20.3R3-S6",
                     status: "affected",
                     version: "20.3",
                     versionType: "custom",
                  },
                  {
                     lessThan: "20.4R3-S5",
                     status: "affected",
                     version: "20.4",
                     versionType: "custom",
                  },
                  {
                     lessThan: "21.1R3-S4",
                     status: "affected",
                     version: "21.1",
                     versionType: "custom",
                  },
                  {
                     lessThan: "21.2R3-S3",
                     status: "affected",
                     version: "21.2",
                     versionType: "custom",
                  },
                  {
                     lessThan: "21.3R3-S3",
                     status: "affected",
                     version: "21.3",
                     versionType: "custom",
                  },
                  {
                     lessThan: "21.4R3-S1",
                     status: "affected",
                     version: "21.4",
                     versionType: "custom",
                  },
                  {
                     lessThan: "22.1R2-S2, 22.1R3",
                     status: "affected",
                     version: "22.1",
                     versionType: "custom",
                  },
                  {
                     lessThan: "22.2R2",
                     status: "affected",
                     version: "22.2",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2023-01-11T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               value: "An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent \"deterministic NAT\" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "606 Unchecked Input for Loop Condition",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
            {
               descriptions: [
                  {
                     description: "Denial of Service (DoS)",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-01-12T00:00:00.000Z",
            orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968",
            shortName: "juniper",
         },
         references: [
            {
               url: "https://kb.juniper.net/JSA70205",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "The following software releases have been updated to resolve this specific issue: 19.4R3-S10, 20.2R3-S6, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S3, 21.4R3-S1, 22.1R2-S2, 22.1R3, 22.2R2, 22.3R1, and all subsequent releases.\n",
            },
         ],
         source: {
            advisory: "JSA70205",
            defect: [
               "1656798",
            ],
            discovery: "USER",
         },
         title: "Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot",
         workarounds: [
            {
               lang: "en",
               value: "Please ensure the deterministic NAT configuration is consistent as shown in the description of the problem section.",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968",
      assignerShortName: "juniper",
      cveId: "CVE-2023-22409",
      datePublished: "2023-01-12T00:00:00.000Z",
      dateReserved: "2022-12-27T00:00:00.000Z",
      dateUpdated: "2025-04-07T15:33:24.631Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"19.4\", \"matchCriteriaId\": \"BEF1C9AB-1107-4A26-BB84-BDD72B4E6564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B342307-98CF-45C9-9F08-5EB06C679B79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC743EE4-8833-452A-94DB-655BF139F883\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE96A8EA-FFE3-4D8F-9266-21899149D634\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C12A75C6-2D00-4202-B861-00FF71585FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"70FF3DD4-14CB-435D-8529-0480EB853F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"84429093-AB3C-4C05-B8FA-87D94091820F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCFA774-96EF-4018-82CF-95C807025C24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"76022948-4B07-43CB-824C-44E1AB3537CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"760E2418-B945-4467-BDAC-7702DDF4C4EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"98097AB6-56CB-42E4-96B4-ABBD4F36553C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"7844B380-7986-4B71-B1AE-22D46E5007D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EF24AFC-D359-4132-A133-1F6680F7BE46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"758275F3-9457-45A2-8F57-65DCD659FC1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B46CB928-78B5-4D60-B747-9A0988C7060D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0886EFA6-47E3-4C1D-A278-D3891A487FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A209EE6F-E676-4172-8FF3-4E03748DEB13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC395200-9A69-468A-8461-D2219B34AA0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"08584FCD-4593-4590-A988-C862295E618A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BF7792C-51FF-4C6E-B5E7-F87738FE4B35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s8:*:*:*:*:*:*\", \"matchCriteriaId\": \"E69B0ED4-898D-4D7A-9711-8DB00EE3197B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s9:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BBF56BB-939A-4E38-BD9E-E3198E70F8E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8328FDE6-9707-4142-B905-3B07C0E28E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41CD982F-E6F2-4951-9F96-A76C142DF08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC8E7547-6649-436D-BC45-184417680C72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C238EB1-5A38-4877-8849-4A6D36918B3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C21638A9-6AD8-4347-AA3F-64BC7BD71C0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D621DB7F-BC6B-4A07-8803-596B3ED11CF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5620596-4DEE-41D7-A63F-224D814DAA77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8BBCEC0-5915-4F69-90FD-070A94145BB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C93B13-DCEB-4861-87DC-3F1ECBAF7FFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4CF52CF-F911-4615-9171-42F84429149F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3332262F-81DA-4D78-99C9-514CADA46611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B46B63A2-1518-4A29-940C-F05624C9658D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E0D4959-3865-42A7-98CD-1103EBD84528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A58292B-814C-49E7-8D6D-BE26EFB9ADDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"681AE183-7183-46E7-82EA-28C398FA1C3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A80F23B-CD13-4745-BA92-67C23B297A18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"67D4004B-1233-4258-9C7A-F05189146B44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"69E33F24-D480-4B5F-956D-D435A551CBE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E5E3FDB-3F33-4686-9B64-0152AD41939D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"03009CC1-21AC-4A46-A747-D0C67FCD41DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C9BC697-C7C9-447D-9EBD-E9711462583E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B80433B-57B1-49EF-B1A1-83781D6102E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A352BB7A-6F17-4E64-BC02-1A7E4CD42653\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3DC01F2-6DFE-4A8E-9962-5E59AA965935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DA0E196-925E-4056-B411-E158702D5D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E33A522F-E35C-4473-9CBD-9C6E5A831086\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9AE26EB-699B-4B10-87E2-9E731B820F32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A29E0070-47E9-43DD-9303-C732FE8CC851\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5E7E8D2-5D08-492E-84FC-8803E50F2CA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B798133-105C-448B-B06E-57327E44E478\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D361B23-A3C2-444B-BEB8-E231DA950567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"20DDC6B7-BFC4-4F0B-8E68-442C23765BF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"037BA01C-3F5C-4503-A633-71765E9EF774\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C54B047C-4B38-40C0-9855-067DCF7E48BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38984199-E332-4A9C-A4C0-78083D052E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA6526FB-2941-4D18-9B2E-472AD5A62A53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"09876787-A40A-4340-9C12-8628C325353B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41615104-C17E-44DA-AB0D-6E2053BD4EF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1981DE38-36B5-469D-917E-92717EE3ED53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFA68ACD-AAE5-4577-B734-23AAF77BC85A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"65948ABC-22BB-46D5-8545-0806EDB4B86E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"625BA7E6-D2AD-4A48-9B94-24328BE5B06A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F462F4E3-762C-429F-8D25-5521100DD37C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"689FE1AE-7A85-4FB6-AB02-E732F23581B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"79E56DAC-75AD-4C81-9835-634B40C15DA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0040FE2-7ECD-4755-96CE-E899BA298E0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"076AB086-BB79-4583-AAF7-A5233DFB2F95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"72E2DDF6-01DF-4880-AB60-B3DA3281E88D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"54010163-0810-4CF5-95FE-7E62BC6CA4F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A52AF794-B36B-43A6-82E9-628658624B0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3998DC76-F72F-4452-9150-652140B113EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"36ED4552-2420-45F9-B6E4-6DA2B2B12870\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C28A14E7-7EA0-4757-9764-E39A27CFDFA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A43752D-A4AF-4B4E-B95B-192E42883A5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"42986538-E9D0-4C2E-B1C4-A763A4EE451B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE22CA01-EA7E-4EE5-B59F-EE100688C1DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E596ABD9-6ECD-48DC-B770-87B7E62EA345\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"71745D02-D226-44DC-91AD-678C85F5E6FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC78A4CB-D617-43FC-BB51-287D2D0C44ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"30FF67F8-1E3C-47A8-8859-709B3614BA6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C7C507E-C85E-4BC6-A3B0-549516BAB524\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6514CDE8-35DC-469F-89A3-078684D18F7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4624565D-8F59-44A8-B7A8-01AD579745E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"57E08E70-1AF3-4BA5-9A09-06DFE9663ADE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"255B6F20-D32F-42C1-829C-AE9C7923558A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"90AE30DB-C448-4FE9-AC11-FF0F27CDA227\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9962B01C-C57C-4359-9532-676AB81CE8B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"62178549-B679-4902-BFDB-2993803B7FCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AD697DF-9738-4276-94ED-7B9380CD09F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"09FF5818-0803-4646-A386-D7C645EE58A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2229FA59-EB24-49A2-85CE-F529A8DE6BA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CB280D8-C5D8-4B51-A879-496ACCDE4538\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F96EBE9-2532-4E35-ABA5-CA68830476A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4D936AE-FD74-4823-A824-2D9F24C25BFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E117E493-F4E1-4568-88E3-F243C74A2662\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"01E3E308-FD9C-4686-8C35-8472A0E99F0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3683A8F5-EE0E-4936-A005-DF7F6B75DED3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E949B21B-AD62-4022-9088-06313277479E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D862E6F-0D01-4B25-8340-888C30F75A2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F28F73E-8563-41B9-A313-BBAAD5B57A67\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52699E2B-450A-431C-81E3-DC4483C8B4F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C39DA74D-F5C7-4C11-857D-50631A110644\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72C850A-0530-4DB7-A553-7E19F82122B5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FE2089C-F341-4DC1-B76D-633BC699306D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27175D9A-CA2C-4218-8042-835E25DFCA43\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2754C2DF-DF6E-4109-9463-38B4E0465B77\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"104858BD-D31D-40E0-8524-2EC311F10EAC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B557965-0040-4048-B56C-F564FF28635B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E020556B-693F-4963-BA43-3164AB50FA49\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB0D31FF-0812-42B8-B25E-03C35EC1B021\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06A03463-6B1D-4DBA-9E89-CAD5E899B98B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ABA347C-3EF3-4F75-B4D1-54590A57C2BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52F0B735-8C49-4B08-950A-296C9CDE43CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent \\\"deterministic NAT\\\" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Unchecked Input for Loop Condition en una librer\\u00eda NAT de Juniper Networks Junos OS permite que un atacante autenticado local con privilegios bajos provoque una denegaci\\u00f3n de servicio (DoS). Cuando hay una configuraci\\u00f3n \\\"NAT determinista\\\" inconsistente en un SRX o MX con SPC3 y luego se emite un comando CLI espec\\u00edfico, el SPC fallar\\u00e1 y se reiniciar\\u00e1. La ejecuci\\u00f3n repetida de este comando provocar\\u00e1 una DoS sostenida. Esta configuraci\\u00f3n se caracteriza por que el n\\u00famero total de bloques de puertos es mayor que el n\\u00famero total de hosts. Un ejemplo de dicha configuraci\\u00f3n es: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] donde de acuerdo con el siguiente c\\u00e1lculo: 65536-1024=64512 (n\\u00famero de puertos utilizables por direcci\\u00f3n IP, impl\\u00edcito) 64512/1008=64 ( n\\u00famero de bloques de puertos por IP Nat) xxx0/32 a xxx15/32 = 16 (direcciones IP NAT disponibles en el grupo NAT) bloques de puertos totales en el grupo NAT = 64 bloques por IP * 16 IP = 1024 Direcci\\u00f3n de host de bloques de puertos yyy0/24 = 256 hosts (con direcciones de l\\u00edmite incluidas) Si el tama\\u00f1o del bloque de puerto est\\u00e1 configurado para ser 4032, entonces el total de bloques de puerto es (64512/4032) * 16 = 256, lo que equivale al total de direcciones de host de 256, y el problema no ser\\u00e1 visto. Este problema afecta a Juniper Networks Junos OS en la serie SRX y la serie MX con SPC3: todas las versiones anteriores a 19.4R3-S10; 20.1 versi\\u00f3n 20.1R1 y versiones posteriores; Versiones 20.2 anteriores a 20.2R3-S6; Versiones 20.3 anteriores a 20.3R3-S6; Versiones 20.4 anteriores a 20.4R3-S5; Versiones 21.1 anteriores a 21.1R3-S4; Versiones 21.2 anteriores a 21.2R3-S3; Versiones 21.3 anteriores a 21.3R3-S3; Versiones 21.4 anteriores a 21.4R3-S1; Versiones 22.1 anteriores a 22.1R2-S2, 22.1R3; Versiones 22.2 anteriores a 22.2R2.\"}]",
         id: "CVE-2023-22409",
         lastModified: "2024-11-21T07:44:45.620",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
         published: "2023-01-13T00:15:11.233",
         references: "[{\"url\": \"https://kb.juniper.net/JSA70205\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA70205\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
         sourceIdentifier: "sirt@juniper.net",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1284\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2023-22409\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2023-01-13T00:15:11.233\",\"lastModified\":\"2024-11-21T07:44:45.620\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent \\\"deterministic NAT\\\" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Unchecked Input for Loop Condition en una librería NAT de Juniper Networks Junos OS permite que un atacante autenticado local con privilegios bajos provoque una denegación de servicio (DoS). Cuando hay una configuración \\\"NAT determinista\\\" inconsistente en un SRX o MX con SPC3 y luego se emite un comando CLI específico, el SPC fallará y se reiniciará. La ejecución repetida de este comando provocará una DoS sostenida. Esta configuración se caracteriza por que el número total de bloques de puertos es mayor que el número total de hosts. Un ejemplo de dicha configuración es: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] donde de acuerdo con el siguiente cálculo: 65536-1024=64512 (número de puertos utilizables por dirección IP, implícito) 64512/1008=64 ( número de bloques de puertos por IP Nat) xxx0/32 a xxx15/32 = 16 (direcciones IP NAT disponibles en el grupo NAT) bloques de puertos totales en el grupo NAT = 64 bloques por IP * 16 IP = 1024 Dirección de host de bloques de puertos yyy0/24 = 256 hosts (con direcciones de límite incluidas) Si el tamaño del bloque de puerto está configurado para ser 4032, entonces el total de bloques de puerto es (64512/4032) * 16 = 256, lo que equivale al total de direcciones de host de 256, y el problema no será visto. Este problema afecta a Juniper Networks Junos OS en la serie SRX y la serie MX con SPC3: todas las versiones anteriores a 19.4R3-S10; 20.1 versión 20.1R1 y versiones posteriores; Versiones 20.2 anteriores a 20.2R3-S6; Versiones 20.3 anteriores a 20.3R3-S6; Versiones 20.4 anteriores a 20.4R3-S5; Versiones 21.1 anteriores a 21.1R3-S4; Versiones 21.2 anteriores a 21.2R3-S3; Versiones 21.3 anteriores a 21.3R3-S3; Versiones 21.4 anteriores a 21.4R3-S1; Versiones 22.1 anteriores a 22.1R2-S2, 22.1R3; Versiones 22.2 anteriores a 22.2R2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1284\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.4\",\"matchCriteriaId\":\"BEF1C9AB-1107-4A26-BB84-BDD72B4E6564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B342307-98CF-45C9-9F08-5EB06C679B79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC743EE4-8833-452A-94DB-655BF139F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE96A8EA-FFE3-4D8F-9266-21899149D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12A75C6-2D00-4202-B861-00FF71585FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"70FF3DD4-14CB-435D-8529-0480EB853F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"84429093-AB3C-4C05-B8FA-87D94091820F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFA774-96EF-4018-82CF-95C807025C24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76022948-4B07-43CB-824C-44E1AB3537CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25446F60-5CB9-4923-BCE8-609AE3CFDFBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"760E2418-B945-4467-BDAC-7702DDF4C4EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"98097AB6-56CB-42E4-96B4-ABBD4F36553C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"7844B380-7986-4B71-B1AE-22D46E5007D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF24AFC-D359-4132-A133-1F6680F7BE46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"758275F3-9457-45A2-8F57-65DCD659FC1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B46CB928-78B5-4D60-B747-9A0988C7060D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0886EFA6-47E3-4C1D-A278-D3891A487FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A209EE6F-E676-4172-8FF3-4E03748DEB13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC395200-9A69-468A-8461-D2219B34AA0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"08584FCD-4593-4590-A988-C862295E618A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF7792C-51FF-4C6E-B5E7-F87738FE4B35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"E69B0ED4-898D-4D7A-9711-8DB00EE3197B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s9:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BBF56BB-939A-4E38-BD9E-E3198E70F8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8328FDE6-9707-4142-B905-3B07C0E28E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD982F-E6F2-4951-9F96-A76C142DF08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8E7547-6649-436D-BC45-184417680C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C238EB1-5A38-4877-8849-4A6D36918B3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C21638A9-6AD8-4347-AA3F-64BC7BD71C0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D621DB7F-BC6B-4A07-8803-596B3ED11CF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5620596-4DEE-41D7-A63F-224D814DAA77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8BBCEC0-5915-4F69-90FD-070A94145BB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C93B13-DCEB-4861-87DC-3F1ECBAF7FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CF52CF-F911-4615-9171-42F84429149F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3332262F-81DA-4D78-99C9-514CADA46611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B46B63A2-1518-4A29-940C-F05624C9658D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E0D4959-3865-42A7-98CD-1103EBD84528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A58292B-814C-49E7-8D6D-BE26EFB9ADDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"681AE183-7183-46E7-82EA-28C398FA1C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A80F23B-CD13-4745-BA92-67C23B297A18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"67D4004B-1233-4258-9C7A-F05189146B44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E33F24-D480-4B5F-956D-D435A551CBE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5E3FDB-3F33-4686-9B64-0152AD41939D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"03009CC1-21AC-4A46-A747-D0C67FCD41DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C9BC697-C7C9-447D-9EBD-E9711462583E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B80433B-57B1-49EF-B1A1-83781D6102E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A352BB7A-6F17-4E64-BC02-1A7E4CD42653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3DC01F2-6DFE-4A8E-9962-5E59AA965935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA0E196-925E-4056-B411-E158702D5D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33A522F-E35C-4473-9CBD-9C6E5A831086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9AE26EB-699B-4B10-87E2-9E731B820F32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A29E0070-47E9-43DD-9303-C732FE8CC851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5E7E8D2-5D08-492E-84FC-8803E50F2CA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B798133-105C-448B-B06E-57327E44E478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D361B23-A3C2-444B-BEB8-E231DA950567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DDC6B7-BFC4-4F0B-8E68-442C23765BF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"037BA01C-3F5C-4503-A633-71765E9EF774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C54B047C-4B38-40C0-9855-067DCF7E48BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38984199-E332-4A9C-A4C0-78083D052E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA6526FB-2941-4D18-9B2E-472AD5A62A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"09876787-A40A-4340-9C12-8628C325353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41615104-C17E-44DA-AB0D-6E2053BD4EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1981DE38-36B5-469D-917E-92717EE3ED53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFA68ACD-AAE5-4577-B734-23AAF77BC85A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"65948ABC-22BB-46D5-8545-0806EDB4B86E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"625BA7E6-D2AD-4A48-9B94-24328BE5B06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F462F4E3-762C-429F-8D25-5521100DD37C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"689FE1AE-7A85-4FB6-AB02-E732F23581B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"79E56DAC-75AD-4C81-9835-634B40C15DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0040FE2-7ECD-4755-96CE-E899BA298E0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"076AB086-BB79-4583-AAF7-A5233DFB2F95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"72E2DDF6-01DF-4880-AB60-B3DA3281E88D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"54010163-0810-4CF5-95FE-7E62BC6CA4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52AF794-B36B-43A6-82E9-628658624B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3998DC76-F72F-4452-9150-652140B113EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"36ED4552-2420-45F9-B6E4-6DA2B2B12870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28A14E7-7EA0-4757-9764-E39A27CFDFA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A43752D-A4AF-4B4E-B95B-192E42883A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"42986538-E9D0-4C2E-B1C4-A763A4EE451B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE22CA01-EA7E-4EE5-B59F-EE100688C1DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E596ABD9-6ECD-48DC-B770-87B7E62EA345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"71745D02-D226-44DC-91AD-678C85F5E6FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC78A4CB-D617-43FC-BB51-287D2D0C44ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30FF67F8-1E3C-47A8-8859-709B3614BA6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C7C507E-C85E-4BC6-A3B0-549516BAB524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6514CDE8-35DC-469F-89A3-078684D18F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4624565D-8F59-44A8-B7A8-01AD579745E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E08E70-1AF3-4BA5-9A09-06DFE9663ADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"255B6F20-D32F-42C1-829C-AE9C7923558A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"90AE30DB-C448-4FE9-AC11-FF0F27CDA227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9962B01C-C57C-4359-9532-676AB81CE8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"62178549-B679-4902-BFDB-2993803B7FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AD697DF-9738-4276-94ED-7B9380CD09F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09FF5818-0803-4646-A386-D7C645EE58A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2229FA59-EB24-49A2-85CE-F529A8DE6BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB280D8-C5D8-4B51-A879-496ACCDE4538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F96EBE9-2532-4E35-ABA5-CA68830476A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4D936AE-FD74-4823-A824-2D9F24C25BFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E117E493-F4E1-4568-88E3-F243C74A2662\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E3E308-FD9C-4686-8C35-8472A0E99F0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3683A8F5-EE0E-4936-A005-DF7F6B75DED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E949B21B-AD62-4022-9088-06313277479E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D862E6F-0D01-4B25-8340-888C30F75A2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F28F73E-8563-41B9-A313-BBAAD5B57A67\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52699E2B-450A-431C-81E3-DC4483C8B4F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C39DA74D-F5C7-4C11-857D-50631A110644\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72C850A-0530-4DB7-A553-7E19F82122B5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE2089C-F341-4DC1-B76D-633BC699306D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27175D9A-CA2C-4218-8042-835E25DFCA43\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2754C2DF-DF6E-4109-9463-38B4E0465B77\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104858BD-D31D-40E0-8524-2EC311F10EAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B557965-0040-4048-B56C-F564FF28635B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E020556B-693F-4963-BA43-3164AB50FA49\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB0D31FF-0812-42B8-B25E-03C35EC1B021\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A03463-6B1D-4DBA-9E89-CAD5E899B98B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ABA347C-3EF3-4F75-B4D1-54590A57C2BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52F0B735-8C49-4B08-950A-296C9CDE43CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA70205\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA70205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://kb.juniper.net/JSA70205\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T10:07:06.724Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-22409\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-07T14:57:50.420083Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-07T14:57:55.607Z\"}}], \"cna\": {\"title\": \"Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot\", \"source\": {\"defect\": [\"1656798\"], \"advisory\": \"JSA70205\", \"discovery\": \"USER\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"19.4R3-S10\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"20.1R1\", \"lessThan\": \"20.1*\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"20.2\", \"lessThan\": \"20.2R3-S6\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"20.3\", \"lessThan\": \"20.3R3-S6\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"20.4\", \"lessThan\": \"20.4R3-S5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"21.1\", \"lessThan\": \"21.1R3-S4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"21.2\", \"lessThan\": \"21.2R3-S3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"21.3\", \"lessThan\": \"21.3R3-S3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4R3-S1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"22.1R2-S2, 22.1R3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2R2\", \"versionType\": \"custom\"}], \"platforms\": [\"SRX Series, MX Series with SPC3\"]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: 19.4R3-S10, 20.2R3-S6, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S3, 21.4R3-S1, 22.1R2-S2, 22.1R3, 22.2R2, 22.3R1, and all subsequent releases.\\n\"}], \"datePublic\": \"2023-01-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://kb.juniper.net/JSA70205\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Please ensure the deterministic NAT configuration is consistent as shown in the description of the problem section.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent \\\"deterministic NAT\\\" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater than the total number of hosts. An example for such configuration is: [ services nat source pool TEST-POOL address x.x.x.0/32 to x.x.x.15/32 ] [ services nat source pool TEST-POOL port deterministic block-size 1008 ] [ services nat source pool TEST-POOL port deterministic host address y.y.y.0/24] [ services nat source pool TEST-POOL port deterministic include-boundary-addresses] where according to the following calculation: 65536-1024=64512 (number of usable ports per IP address, implicit) 64512/1008=64 (number of port blocks per Nat IP) x.x.x.0/32 to x.x.x.15/32 = 16 (NAT IP addresses available in NAT pool) total port blocks in NAT Pool = 64 blocks per IP * 16 IPs = 1024 Port blocks host address y.y.y.0/24 = 256 hosts (with include-boundary-addresses) If the port block size is configured to be 4032, then the total port blocks are (64512/4032) * 16 = 256 which is equivalent to the total host addresses of 256, and the issue will not be seen. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"606 Unchecked Input for Loop Condition\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Denial of Service (DoS)\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2023-01-12T00:00:00.000Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2023-22409\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-07T15:33:24.631Z\", \"dateReserved\": \"2022-12-27T00:00:00.000Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2023-01-12T00:00:00.000Z\", \"assignerShortName\": \"juniper\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.