CVE-2023-44181
published 2023-10-13CVE-2023-44181: An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | < 20.2 | 20.2 |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | qfx_series | — | — |
| juniper_networks | junos_os | < 20.2R3-S6 | 20.2R3-S6 |
| juniper_networks | junos_os | >= 20.3 < 20.3R3-S5 | 20.3R3-S5 |
| juniper_networks | junos_os | >= 20.4 < 20.4R3-S5 | 20.4R3-S5 |
| juniper_networks | junos_os | >= 21.1 < 21.1R3-S4 | 21.1R3-S4 |
| juniper_networks | junos_os | >= 21.2 < 21.2R3-S3 | 21.2R3-S3 |
| juniper_networks | junos_os | >= 21.3 < 21.3R3-S2 | 21.3R3-S2 |
| juniper_networks | junos_os | >= 21.4 < 21.4R3 | 21.4R3 |
| juniper_networks | junos_os | >= 22.1 < 22.1R3 | 22.1R3 |
| juniper_networks | junos_os | >= 22.2 < 22.2R2 | 22.2R2 |