CVE-2023-44203

An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows a adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS). When a specific IGMP packet is received in an isolated VLAN, it is duplicated to all other ports under the primary VLAN, which causes a flood. This issue affects QFX5000 series, EX2300, EX3400, EX4100, EX4400 and EX4600 platforms only. This issue affects Juniper Junos OS on on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S3; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S2; * 22.1 versions prior to 22.1R3; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://supportportal.juniper.net/JSA73169	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:20.4:-::::::
	cpe:2.3:o:juniper:junos:20.4:r1::::::
	cpe:2.3:o:juniper:junos:20.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.4:r2::::::
	cpe:2.3:o:juniper:junos:20.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:20.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:20.4:r3::::::
	cpe:2.3:o:juniper:junos:20.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:20.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:20.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:20.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:21.1:-::::::
	cpe:2.3:o:juniper:junos:21.1:r1::::::
	cpe:2.3:o:juniper:junos:21.1:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.1:r2::::::
	cpe:2.3:o:juniper:junos:21.1:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.1:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.1:r3::::::
	cpe:2.3:o:juniper:junos:21.1:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.1:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.1:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.2:-::::::
	cpe:2.3:o:juniper:junos:21.2:r1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r2::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r3::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.3:-::::::
	cpe:2.3:o:juniper:junos:21.3:r1::::::
	cpe:2.3:o:juniper:junos:21.3:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.3:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.3:r2::::::
	cpe:2.3:o:juniper:junos:21.3:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.3:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.3:r3::::::
	cpe:2.3:o:juniper:junos:21.3:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.3:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.3:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.3:r3-s4::::::
	cpe:2.3:o:juniper:junos:21.4:-::::::
	cpe:2.3:o:juniper:junos:21.4:r1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r2::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.4:r3::::::
	cpe:2.3:o:juniper:junos:21.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.1:r1::::::
	cpe:2.3:o:juniper:junos:22.1:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.1:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.1:r2::::::
	cpe:2.3:o:juniper:junos:22.1:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.1:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r2::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s1::::::
cpe:2.3:o:juniper:junos:22.2:r2-s2::::::
cpe:2.3:o:juniper:junos:22.3:r1::::::
cpe:2.3:o:juniper:junos:22.3:r1-s1::::::
cpe:2.3:o:juniper:junos:22.3:r1-s2::::::

OR	cpe:2.3:h:juniper:ex2300:-:::::::*
	cpe:2.3:h:juniper:ex2300-24mp:-:::::::*
	cpe:2.3:h:juniper:ex2300-24p:-:::::::*
	cpe:2.3:h:juniper:ex2300-24t:-:::::::*
	cpe:2.3:h:juniper:ex2300-48mp:-:::::::*
	cpe:2.3:h:juniper:ex2300-48p:-:::::::*
	cpe:2.3:h:juniper:ex2300-48t:-:::::::*
	cpe:2.3:h:juniper:ex2300-c:-:::::::*
	cpe:2.3:h:juniper:ex2300m:-:::::::*
	cpe:2.3:h:juniper:ex3400:-:::::::*
	cpe:2.3:h:juniper:ex4100:-:::::::*
	cpe:2.3:h:juniper:ex4100-f:-:::::::*
	cpe:2.3:h:juniper:ex4400:-:::::::*
	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5100-96s:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5130:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5200-32c:-:::::::*
	cpe:2.3:h:juniper:qfx5200-48y:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5210-64c:-:::::::*
	cpe:2.3:h:juniper:qfx5220:-:::::::*

History

No history.

Information

Published : 2023-10-13 00:15

Updated : 2023-10-19 17:42

NVD link : CVE-2023-44203

Mitre link : CVE-2023-44203

CVE.ORG link : CVE-2023-44203

JSON object : View

Products Affected

juniper

ex4400
ex2300-48mp
junos
qfx5210-64c
qfx5100
ex2300-24p
qfx5210
ex3400
ex2300-24t
ex2300-c
qfx5200
ex2300-48t
ex2300-24mp
ex4600
qfx5200-48y
qfx5120
qfx5100-96s
ex2300
qfx5200-32c
ex2300-48p
ex2300m
ex4100
qfx5220
qfx5110
ex4100-f
qfx5130

CWE

NVD-CWE-Other CWE-703

Improper Check or Handling of Exceptional Conditions

6.5 /10