{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Junos OS s\u00e9ries QFX5000 versions ant\u00e9rieures \u00e0 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS sur les s\u00e9ries MX versions ant\u00e9rieures \u00e0 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S8-EVO, 21.1R3-S2-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S3-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO","product":{"name":"Junos OS Evolved","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions ant\u00e9rieures \u00e0 20.2R3-S6, 20.3R3-S5, 20.4R3-S9, 21.1R3-S5, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R2-S2, 22.2R3-S2, 22.3R1-S2, 22.3R2-S2, 22.3R3-S1, 22.4R1-S2, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R2, 23.3R1,","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-44199","url":"https://www.cve.org/CVERecord?id=CVE-2023-44199"},{"name":"CVE-2023-36839","url":"https://www.cve.org/CVERecord?id=CVE-2023-36839"},{"name":"CVE-2023-44184","url":"https://www.cve.org/CVERecord?id=CVE-2023-44184"},{"name":"CVE-2023-44195","url":"https://www.cve.org/CVERecord?id=CVE-2023-44195"},{"name":"CVE-2023-44177","url":"https://www.cve.org/CVERecord?id=CVE-2023-44177"},{"name":"CVE-2023-44201","url":"https://www.cve.org/CVERecord?id=CVE-2023-44201"},{"name":"CVE-2023-44193","url":"https://www.cve.org/CVERecord?id=CVE-2023-44193"},{"name":"CVE-2023-44175","url":"https://www.cve.org/CVERecord?id=CVE-2023-44175"},{"name":"CVE-2023-44197","url":"https://www.cve.org/CVERecord?id=CVE-2023-44197"},{"name":"CVE-2023-44202","url":"https://www.cve.org/CVERecord?id=CVE-2023-44202"},{"name":"CVE-2023-36841","url":"https://www.cve.org/CVERecord?id=CVE-2023-36841"},{"name":"CVE-2023-44187","url":"https://www.cve.org/CVERecord?id=CVE-2023-44187"},{"name":"CVE-2023-26551","url":"https://www.cve.org/CVERecord?id=CVE-2023-26551"},{"name":"CVE-2023-44186","url":"https://www.cve.org/CVERecord?id=CVE-2023-44186"},{"name":"CVE-2023-44194","url":"https://www.cve.org/CVERecord?id=CVE-2023-44194"},{"name":"CVE-2023-22392","url":"https://www.cve.org/CVERecord?id=CVE-2023-22392"},{"name":"CVE-2023-26555","url":"https://www.cve.org/CVERecord?id=CVE-2023-26555"},{"name":"CVE-2023-36843","url":"https://www.cve.org/CVERecord?id=CVE-2023-36843"},{"name":"CVE-2023-44182","url":"https://www.cve.org/CVERecord?id=CVE-2023-44182"},{"name":"CVE-2023-44183","url":"https://www.cve.org/CVERecord?id=CVE-2023-44183"},{"name":"CVE-2023-26552","url":"https://www.cve.org/CVERecord?id=CVE-2023-26552"},{"name":"CVE-2023-44204","url":"https://www.cve.org/CVERecord?id=CVE-2023-44204"},{"name":"CVE-2022-2274","url":"https://www.cve.org/CVERecord?id=CVE-2022-2274"},{"name":"CVE-2023-44196","url":"https://www.cve.org/CVERecord?id=CVE-2023-44196"},{"name":"CVE-2023-44189","url":"https://www.cve.org/CVERecord?id=CVE-2023-44189"},{"name":"CVE-2023-44198","url":"https://www.cve.org/CVERecord?id=CVE-2023-44198"},{"name":"CVE-2023-26554","url":"https://www.cve.org/CVERecord?id=CVE-2023-26554"},{"name":"CVE-2023-44203","url":"https://www.cve.org/CVERecord?id=CVE-2023-44203"},{"name":"CVE-2023-44178","url":"https://www.cve.org/CVERecord?id=CVE-2023-44178"},{"name":"CVE-2022-2097","url":"https://www.cve.org/CVERecord?id=CVE-2022-2097"},{"name":"CVE-2023-44192","url":"https://www.cve.org/CVERecord?id=CVE-2023-44192"},{"name":"CVE-2023-44181","url":"https://www.cve.org/CVERecord?id=CVE-2023-44181"},{"name":"CVE-2023-26553","url":"https://www.cve.org/CVERecord?id=CVE-2023-26553"},{"name":"CVE-2023-44191","url":"https://www.cve.org/CVERecord?id=CVE-2023-44191"},{"name":"CVE-2023-44188","url":"https://www.cve.org/CVERecord?id=CVE-2023-44188"},{"name":"CVE-2023-44190","url":"https://www.cve.org/CVERecord?id=CVE-2023-44190"},{"name":"CVE-2023-44176","url":"https://www.cve.org/CVERecord?id=CVE-2023-44176"},{"name":"CVE-2023-44185","url":"https://www.cve.org/CVERecord?id=CVE-2023-44185"}],"links":[],"reference":"CERTFR-2023-AVI-0836","revisions":[{"description":"Version initiale","revision_date":"2023-10-12T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73141 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-genuine-PIM-packet-causes-RPD-crash-CVE-2023-44175"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73160 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44195"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73146 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-scenario-RPD-crashes-upon-receiving-and-processing-a-specific-malformed-ISO-VPN--BGP-UPDATE-packet-CVE-2023-44185"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73169 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-series-EX2300-EX3400-EX4100-EX4400-and-EX4600-Packet-flooding-will-occur-when-IGMP-traffic-is-sent-to-an-isolated-VLAN-CVE-2023-44203"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73164 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-SIP-ALG-doesn-t-drop-specifically-malformed-retransmitted-SIP-packets-CVE-2023-44198"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73168 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-packets-will-bypass-a-control-plane-firewall-filter-CVE-2023-44202"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73167 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-local-attacker-can-retrieve-sensitive-information-and-elevate-privileges-on-the-devices-to-an-authorized-user-CVE-2023-44201"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73153 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-MAC-address-validation-bypass-vulnerability-CVE-2023-44189"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73149 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-Unchecked-Return-Value-in-multiple-users-interfaces-affects-confidentiality-and-integrity-of-device-operations-CVE-2023-44182"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73140 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-Vulnerabilities-in-CLI-command"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73172 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-Receipt-of-malformed-TCP-traffic-will-cause-a-Denial-of-Service-CVE-2023-36841"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73162 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-Packets-which-are-not-destined-to-the-router-can-reach-the-RE-CVE-2023-44196"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73165 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-In-a-PTP-scenario-a-prolonged-routing-protocol-churn-can-trigger-an-FPC-reboot-CVE-2023-44199"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73152 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-jkdsd-crash-due-to-multiple-telemetry-requests-CVE-2023-44188"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73157 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-MX-Series-An-FPC-crash-is-observed-when-CFM-is-enabled-in-a-VPLS-scenario-and-a-specific-LDP-related-command-is-run-CVE-2023-44193"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73154 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10001-PTX10004-PTX10008-PTX10016-MAC-address-validation-bypass-vulnerability-CVE-2023-44190"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73170 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-will-crash-upon-receiving-a-malformed-BGP-UPDATE-message-CVE-2023-44204"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73150 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-when-attempting-to-send-a-very-long-AS-PATH-to-a-non-4-byte-AS-capable-BGP-neighbor-CVE-2023-44186"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73171 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-l2cpd-crash-will-occur-when-specific-LLDP-packets-are-received-CVE-2023-36839"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73145 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5k-l2-loop-in-the-overlay-impacts-the-stability-in-a-EVPN-VXLAN-environment-CVE-2023-44181"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73174 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-SRX-Series-The-PFE-will-crash-on-receiving-malformed-SSL-traffic-when-ATP-is-enabled-CVE-2023-36843"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73530 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73176 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Vulnerability-fixed-in-OpenSSL"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73156 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-DMA-memory-leak-is-observed-when-specific-DHCP-packets-are-transmitted-over-pseudo-VTEP-CVE-2023-44192"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73148 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-EX4600-Series-In-a-VxLAN-scenario-an-adjacent-attacker-within-the-VxLAN-sending-genuine-packets-may-cause-a-DMA-memory-leak-to-occur-CVE-2023-44183"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73147 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-High-CPU-load-due-to-specific-NETCONF-command-CVE-2023-44184"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73151 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-file-copy-CLI-command-can-disclose-password-to-shell-users-CVE-2023-44187"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73177 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-NTP-vulnerabilities-resolved"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73163 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-may-occur-when-BGP-is-processing-newly-learned-routes-CVE-2023-44197"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73155 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4000-Series-Denial-of-Service-DoS-on-a-large-scale-VLAN-due-to-PFE-hogging-CVE-2023-44191"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA73158 du 11 octobre 2023","url":"https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-An-unauthenticated-attacker-with-local-access-to-the-device-can-create-a-backdoor-with-root-privileges-CVE-2023-44194"}]}