CVE-2023-44181: Infinite Loop in Networks Junos OS

CWE-835: Infinite Loop | 4 documents | 4 sources
Severity: 7.5 HIGH (NVD)
EPSS: 0.1% (top 74.03%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 13

Description

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to the ARP queue, causing an L2 loop resulting in DDOS violations and a DDOS syslog. This issue is triggered when storm control is enabled and ICMPv6 packets are present on the device. This issue affects Juniper Networks Junos OS:
* All versions prior to 20.2R3-S6 on QFX5k;
* 20.3 versions prior to 20.3R3-S5 on QFX5k;
* 20.4 versions prior to 20.4

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | juniper_networks/junos_os | 20.3 | 20.3R3-S5 | +8
NVD | juniper/junos | < 20.2 | +9

🔴 Vulnerability Details (2)

GHSA
GHSA-9jrm-qw53-pvvc: An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be p (2023-10-13)
CVEList
Junos OS: QFX5k: l2 loop in the overlay impacts the stability in a EVPN/VXLAN environment (2023-10-12)

📋 Vendor Advisories (1)

Juniper
CVE-2023-44181: An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be (2023-10-13)
CVE-2023-44181 — Infinite Loop in Networks Junos OS | cvebase