CVE-2023-44183 Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur.

🗓️ 12 Oct 2023 23:02:20Reported by juniperType

Improper Input Validation in Junos OS VxLAN packet forwarding engine may cause DMA memory lea

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Packet Forwarding Engine (PFE) module in Junos router operating systems of the QFX5000 and EX4600 series exists due to insufficient validation of input data. This allows attackers to execute arbitrary code.	17 Oct 202300:00	–	bdu_fstec
Circl	CVE-2023-44183	3 Jan 202414:41	–	circl
CNNVD	Juniper Networks Junos OS Input Validation Error Vulnerability	12 Oct 202300:00	–	cnnvd
CVE	CVE-2023-44183	12 Oct 202323:02	–	cve
EUVD	EUVD-2023-48542	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA73148)	1 Nov 202300:00	–	nessus
NVD	CVE-2023-44183	13 Oct 202300:15	–	nvd
OSV	CVE-2023-44183	13 Oct 202300:15	–	osv
Prion	Input validation	13 Oct 202300:15	–	prion
Positive Technologies	PT-2023-6134 · Juniper Networks · Junos	11 Oct 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "QFX5000 Series",
      "EX4600 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "18.4*",
        "status": "affected",
        "version": "18.4R2",
        "versionType": "semver"
      },
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "20.4",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1*",
        "status": "affected",
        "version": "21.1R1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S6",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S4",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S1",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2-S2, 22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
juniper	www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/topic-map/sdn-vxlan.html
supportportal	www.supportportal.juniper.net/JSA73148
juniper	www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/redundant-trunk-groups.html

12 Oct 2023 23:02Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.16.5

EPSS0.00322

CWE-20