Denial of service in Junos OS pfe



Risk: Medium
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2023-44183
CWE-ID: CWE-20
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software: Juniper Junos OS (Operating systems & Components / Operating system)
Vendor: Juniper Networks, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Improper input validation

EUVDB-ID: #VU82113

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-44183

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an improper input validation error in the VxLAN packet forwarding engine (PFE) when multiple devices indicate that FPC0 has gone missing when issuing a show chassis fpc command. A remote attacker on the local network can perform a denial of service (DoS) attack.

The vulnerability affects QFX5000 and EX4600 series devices.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Juniper Junos OS: 20.4R1-S1 - 22.4R1

External links

https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-QFX5000-Series-EX4600-Series-In-a-VxLAN-scenario-an-adjacent-attacker-within-the-VxLAN-sending-genuine-packets-may-cause-a-DMA-memory-leak-to-occur-CVE-2023-44183


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


