Lucene search

JuniperCVELIST:CVE-2023-44203

HistoryOct 12, 2023 - 11:06 p.m.

CVE-2023-44203 Junos OS: QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: Packet flooding will occur when IGMP traffic is sent to an isolated VLAN

2023-10-1223:06:21

CWE-703

juniper

www.cve.org

junos os

qfx5000

ex2300

ex3400

ex4100

ex4400

ex4600

igmp

packet flooding

dos

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.8%

JSON

An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows a adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS).

When a specific IGMP packet is received in an isolated VLAN, it is duplicated to all other ports under the primary VLAN, which causes a flood.

This issue affects QFX5000 series, EX2300, EX3400, EX4100, EX4400 and EX4600 platforms only.

This issue affects Juniper Junos OS on on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600:

All versions prior to 20.4R3-S5;
21.1 versions prior to 21.1R3-S4;
21.2 versions prior to 21.2R3-S3;
21.3 versions prior to 21.3R3-S5;
21.4 versions prior to 21.4R3-S2;
22.1 versions prior to 22.1R3;
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "QFX5000 Series",
      "EX2300",
      "EX3400",
      "EX4100",
      "EX4400",
      "EX4600"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S5",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1R3-S4",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S3",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S2",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      }
    ]
  }
]

References

supportportal.juniper.net/JSA73169

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CVELIST:CVE-2023-44203