cbcvebase.
CVE-2023-1697
published 2023-04-17

CVE-2023-1697: An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated…

medium6.5CVSS 3.1
AVAACLPRNUINSUCNINAH
An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received. This issue affects Juniper Networks Junos OS on QFX10000 Series, PTX1000 Series Series: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S1, 22.1R3; 22.2 versions prior to 22.2R1-S2, 22.2R2.

Affected

25 ranges
VendorProductVersion rangeFixed in
juniperjunos< 19.419.4
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos
juniperjunos_os
juniperqfx_series
juniper_networksjunos_os>= 20.1R1 < 20.1*20.1*
juniper_networksjunos_os>= 20.2 < 20.2R3-S620.2R3-S6
juniper_networksjunos_os>= 20.3 < 20.3R3-S620.3R3-S6
juniper_networksjunos_os>= 20.4 < 20.4R3-S520.4R3-S5
juniper_networksjunos_os>= 21.1 < 21.1R3-S421.1R3-S4
juniper_networksjunos_os>= 21.2 < 21.2R3-S321.2R3-S3
juniper_networksjunos_os>= 21.3 < 21.3R3-S321.3R3-S3
juniper_networksjunos_os>= 21.4 < 21.4R3-S121.4R3-S1
juniper_networksjunos_os>= 22.1 < 22.1R2-S1, 22.1R322.1R2-S1, 22.1R3
juniper_networksjunos_os>= 22.2 < 22.2R1-S2, 22.2R222.2R1-S2, 22.2R2
juniper_networksjunos_os>= unspecified < 19.4R3-S1019.4R3-S10