← Back to CVEs
CVE-2023-28983
HIGH8.8
Description
An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EVO.
CVE Details
CVSS v3.1 Score8.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published4/17/2023
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
juniper:junos_os_evolved
Weaknesses (CWE)
CWE-78
References
https://supportportal.juniper.net/JSA70609(sirt@juniper.net)
https://supportportal.juniper.net/JSA70609(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.