How severe is CVE-2023-22398?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-22398?

This is classified as CWE-824, which is a common weakness in software security.

CVE-2023-22398

MEDIUM Year: 2023

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-824

View all →

Vulnerability Description

An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S12; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R1-S1, 21.1R2; Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-EVO.

CVE-2018-5860

MEDIUM

CVSS:5.5(Medium)

In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.

CWE-8242018

CVE-2019-5693

MEDIUM

CVSS:5.5(Medium)

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) in which the program accesses or uses a pointer that has not been initialized, which m...

CWE-8242019

CVE-2020-1874

MEDIUM

CVSS:5.5(Medium)

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when...

CWE-8242020

CVE-2020-1875

MEDIUM

CVSS:5.5(Medium)

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer whe...

CWE-8242020

CVE-2021-41204

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resul...

CWE-8242021

CVE-2021-43746

MEDIUM

CVSS:5.5(Medium)

Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User...

CWE-8242021

CVE-2023-22398

Vulnerability Description

Related Vulnerabilities

CVE-2018-5860

CVE-2019-5693

CVE-2020-1874

CVE-2020-1875

CVE-2021-41204

CVE-2021-43746