CVE-2023-44183

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 13, 2023
Updated: Oct 20, 2023
CWE ID 401
CWE ID 20

Summary

CVE-2023-44183 is an Input Validation vulnerability in Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices. An unauthenticated, adjacent attacker can send specific packets to trigger a DMA memory leak in the VxLAN packet forwarding engine (PFE), causing FPC0 to go missing and interfaces to disappear. This issue is worst-case scenario, but other operational conditions are also possible. Affected versions include 18.4, 21.1, 21.3, 21.4, 21.4R1, 21.4R2, 22.1, 22.2, 22.3, and 22.4 prior to certain releases. The vulnerability can be detected by checking for FPC0 disappearance using the 'show chassis fpc detail' command.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Juniper Junos

Affected Vendors

  • Juniper Networks