CVE-2023-28983
HIGHJuniper Networks Junos OS Evolved <22.1R1-EVO - Command Injection
Title source: llmDescription
An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EVO.
References (1)
Core 1
Core References
Vendor Advisory
https://supportportal.juniper.net/JSA70609
Scores
CVSS v3
8.8
EPSS
0.0129
EPSS Percentile
79.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (1)
juniper/junos_os_evolved
21.4 (11 CPE variants)
Published
Apr 17, 2023
Tracked Since
Feb 18, 2026