CVE-2023-44188

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 11, 2023

Updated: Feb 21, 2024

CWE ID 367

Summary

CVE-2023-44188 is a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Networks Junos OS. A network-authenticated attacker can cause a Denial of Service (DoS) by flooding the system with multiple telemetry requests, leading to repeated crashes of the Junos Kernel Debugging Streaming Daemon (jkdsd) process. This issue occurs due to a timing issue accessing stale memory, and affects various Junos OS versions, including 20.4, 21.1, 21.2, 21.3, 21.4, 22.1, 22.2, 22.3, and 23.1. Versions prior to 19.4R1 are not affected.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Juniper Junos

Affected Vendors

Juniper Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sz8x9a
https://www.cve.org/CVERecord?id=CVE-2023-44188
https://nvd.nist.gov/vuln/detail/CVE-2023-44188

Back to Vulnerability Database