CVE-2023-44196Improper Check for Unusual or Exceptional Conditions in Networks Junos OS Evolved

CWE-754Improper Check for Unusual or Exceptional ConditionsCWE-923Improper Restriction of Communication Channel to Intended Endpoints5 documents4 sources
Severity
6.5MEDIUMNVD
CNA5.4
EPSS
0.0%
top 89.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OS EvolvedJuniper Junos OS Evolved
Timeline
PublishedOct 13

Description

An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the RE. This issue is a prerequisite for CVE-2023-44195. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO;

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os_evolved21.1R1-EVO21.1*-EVO+8

🔴Vulnerability Details

2
GHSA
GHSA-ghc9-27wr-4w58: An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series2023-10-13
CVEList
Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE2023-10-12

📋Vendor Advisories

2
Juniper
CVE-2023-44196: An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series2023-10-13
Juniper
CVE-2023-44195: An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks2023-10-13
CVE-2023-44196 — MEDIUM severity | cvebase