Lucene search

[email protected]CVE-2023-44191

HistoryOct 13, 2023 - 12:15 a.m.

CVE-2023-44191

2023-10-1300:15:12

CWE-770

[email protected]

web.nvd.nist.gov

juniper networks

junos os

cve-2023-44191

dos

vulnerability

network security

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

16.9%

JSON

An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).

On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.

This issue affects:

Juniper Networks Junos OS on QFX5000 Series and EX4000 Series

21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S5;
21.3 versions prior to 21.3R3-S5;
21.4 versions prior to 21.4R3-S4;
22.1 versions prior to 22.1R3-S3;
22.2 versions prior to 22.2R3-S1;
22.3 versions prior to 22.3R2-S2, 22.3R3;
22.4 versions prior to 22.4R2.

This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1

Affected configurations

NVD

Node

juniperjunosMatch21.1-

juniperjunosMatch21.1r1

juniperjunosMatch21.1r1-s1

juniperjunosMatch21.1r2

juniperjunosMatch21.1r2-s1

juniperjunosMatch21.1r2-s2

juniperjunosMatch21.1r3

juniperjunosMatch21.1r3-s1

juniperjunosMatch21.1r3-s2

juniperjunosMatch21.1r3-s3

juniperjunosMatch21.1r3-s4

juniperjunosMatch21.2-

juniperjunosMatch21.2r1

juniperjunosMatch21.2r1-s1

juniperjunosMatch21.2r1-s2

juniperjunosMatch21.2r2

juniperjunosMatch21.2r2-s1

juniperjunosMatch21.2r2-s2

juniperjunosMatch21.2r3

juniperjunosMatch21.2r3-s1

juniperjunosMatch21.2r3-s2

juniperjunosMatch21.2r3-s3

juniperjunosMatch21.2r3-s4

juniperjunosMatch21.3-

juniperjunosMatch21.3r1

juniperjunosMatch21.3r1-s1

juniperjunosMatch21.3r1-s2

juniperjunosMatch21.3r2

juniperjunosMatch21.3r2-s1

juniperjunosMatch21.3r2-s2

juniperjunosMatch21.3r3

juniperjunosMatch21.3r3-s1

juniperjunosMatch21.3r3-s2

juniperjunosMatch21.3r3-s3

juniperjunosMatch21.3r3-s4

juniperjunosMatch21.4-

juniperjunosMatch21.4r1

juniperjunosMatch21.4r1-s1

juniperjunosMatch21.4r1-s2

juniperjunosMatch21.4r2

juniperjunosMatch21.4r2-s1

juniperjunosMatch21.4r2-s2

juniperjunosMatch21.4r3

juniperjunosMatch21.4r3-s1

juniperjunosMatch21.4r3-s2

juniperjunosMatch21.4r3-s3

juniperjunosMatch22.1r1

juniperjunosMatch22.1r1-s1

juniperjunosMatch22.1r1-s2

juniperjunosMatch22.1r2

juniperjunosMatch22.1r2-s1

juniperjunosMatch22.1r2-s2

juniperjunosMatch22.1r3

juniperjunosMatch22.1r3-s1

juniperjunosMatch22.1r3-s2

juniperjunosMatch22.2-

juniperjunosMatch22.2r1

juniperjunosMatch22.2r1-s1

juniperjunosMatch22.2r1-s2

juniperjunosMatch22.2r3

juniperjunosMatch22.3r1

juniperjunosMatch22.3r1-s1

juniperjunosMatch22.3r1-s2

juniperjunosMatch22.3r2

juniperjunosMatch22.3r2-s1

juniperjunosMatch22.4r1

juniperjunosMatch22.4r1-s1

juniperjunosMatch22.4r1-s2

AND

juniperex2300Match-

juniperex2300-cMatch-

juniperex2300_multigigabitMatch-

juniperex3400Match-

juniperex4100Match-

juniperex4100-fMatch-

juniperex4100_multigigabitMatch-

juniperex4300Match-

juniperex4300_multigigabitMatch-

juniperex4400Match-

juniperex4400-24xMatch-

juniperex4400_multigigabitMatch-

juniperex4600Match-

juniperex4650Match-

juniperex9200Match-

juniperex9250Match-

juniperqfk5110Match-

juniperqfk5120Match-

juniperqfk5130Match-

juniperqfk5200Match-

juniperqfk5210Match-

juniperqfk5220Match-

juniperqfk5230Match-

juniperqfk5700Match-

CPENameOperatorVersion
juniper:junosjuniper junoseq21.1
juniper:junosjuniper junoseq21.2
juniper:junosjuniper junoseq21.3
juniper:junosjuniper junoseq21.4
juniper:junosjuniper junoseq22.1
juniper:junosjuniper junoseq22.2
juniper:junosjuniper junoseq22.3
juniper:junosjuniper junoseq22.4

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	21.1
juniper:junos	juniper junos	eq	21.2
juniper:junos	juniper junos	eq	21.3
juniper:junos	juniper junos	eq	21.4
juniper:junos	juniper junos	eq	22.1
juniper:junos	juniper junos	eq	22.2
juniper:junos	juniper junos	eq	22.3
juniper:junos	juniper junos	eq	22.4

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "QFX5000 Series",
      "EX4000 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.1R1",
        "status": "unaffected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1R3-S5",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S5",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S4",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S1",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2-S2, 22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]