CVE-2023-28968 (appid_service_sigpack, jdpi-decoder_engine, junos)

An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. An example session can …

action application command cve decoder deep packet inspection device devices dynamic flow juniper juniper networks junos junos os memory memory allocation network networks packet run security send series service session signature target traffic vulnerability